The Web To Print Shop : uDraw WordPress plugin before 3.3.3 does not validate the url parameter in its udraw_convert_url_to_base64 AJAX action (available to both unauthenticated and authenticated users) before using it in the file_get_contents function and returning its content base64 encoded in the response. As a result, unauthenticated users could read arbitrary files on the web server (such as /etc/passwd, wp-config.php etc)
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/925c4c28-ae94-4684-a365-5f1e34e6c151 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: WPScan
Published: 2022-04-25T15:51:03
Updated: 2022-04-25T15:51:03
Reserved: 2022-02-17T00:00:00
Link: CVE-2022-0656
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-04-25T16:16:07.823
Modified: 2022-05-12T14:15:46.863
Link: CVE-2022-0656
JSON object: View
Redhat Information
No data.
CWE