CVE-2022-29445

Authenticated (administrator or higher role) Local File Inclusion (LFI) vulnerability in Wow-Company's Popup Box plugin <= 2.1.2 at WordPress.
Configurations

Configuration 1 (hide)

cpe:2.3:a:wow-estore:popup_box:*:*:*:*:*:wordpress:*:*

History

21 Nov 2024, 06:59

Type Values Removed Values Added
CVSS v2 : 6.5
v3 : 7.2
v2 : 6.5
v3 : 6.8
References () https://patchstack.com/database/vulnerability/popup-box/wordpress-popup-box-plugin-2-1-2-authenticated-local-file-inclusion-lfi-vulnerability - Third Party Advisory () https://patchstack.com/database/vulnerability/popup-box/wordpress-popup-box-plugin-2-1-2-authenticated-local-file-inclusion-lfi-vulnerability - Third Party Advisory
References () https://wordpress.org/plugins/popup-box/#developers - Vendor Advisory () https://wordpress.org/plugins/popup-box/#developers - Vendor Advisory

Information

Published : 2022-05-18 17:15

Updated : 2024-11-21 06:59


NVD link : CVE-2022-29445

Mitre link : CVE-2022-29445

CVE.ORG link : CVE-2022-29445


JSON object : View

Products Affected

wow-estore

  • popup_box
CWE
CWE-706

Use of Incorrectly-Resolved Name or Reference