Due to missing checks the Change Uploaded File Permissions WordPress plugin through 4.0.0 is vulnerable to CSRF attacks. This can be used to change the file and folder permissions of any folder. This could be problematic when specific files like ini files are made readable for everyone due to this.
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/c39719e5-dadd-4414-a96d-5e70a1e3d462 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: WPScan
Published: 2022-06-13T12:42:55
Updated: 2022-06-13T12:42:55
Reserved: 2022-05-18T00:00:00
Link: CVE-2022-1788
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-06-13T13:15:12.837
Modified: 2022-06-21T16:41:45.163
Link: CVE-2022-1788
JSON object: View
Redhat Information
No data.
CWE