CVE-2022-3912

{"id": "CVE-2022-3912", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2022-12-12T18:15:11.753", "references": [{"url": "https://wpscan.com/vulnerability/968c677c-1beb-459b-8fd1-7f70bcaa4f74", "tags": ["Exploit", "Third Party Advisory"], "source": "contact@wpscan.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-434"}]}], "descriptions": [{"lang": "en", "value": "The User Registration WordPress plugin before 2.2.4.1 does not properly restrict the files to be uploaded via an AJAX action available to both unauthenticated and authenticated users, which could allow unauthenticated users to upload PHP files for example."}, {"lang": "es", "value": "El complemento User Registration de WordPress anterior a 2.2.4.1 no restringe adecuadamente los archivos que se cargar\u00e1n mediante una acci\u00f3n AJAX disponible para usuarios autenticados y no autenticados, lo que podr\u00eda permitir a los usuarios no autenticados cargar archivos PHP, por ejemplo."}], "lastModified": "2023-11-07T03:51:57.353", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:wpeverest:user_registration:*:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "648ED960-D679-4888-B498-6C4860AEB3A2", "versionEndExcluding": "2.2.4.1"}], "operator": "OR"}]}], "sourceIdentifier": "contact@wpscan.com"}