CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-0316

The WeStand WordPress theme before 2.1, footysquare WordPress theme, aidreform WordPress theme, statfort WordPress theme, club-theme WordPress theme, kingclub-theme WordPress theme, spikes WordPress theme, spikes-black WordPress theme, soundblast WordPress theme, bolster WordPress theme from ChimpStudio and PixFill does not have any authorisation and upload validation in the lang_upload.php file, allowing any unauthenticated attacker to upload arbitrary files to the web server.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.23

EPSS Ranking 95.6%

CVSS Severity

CVSS v3 Score 9.8

References

Products affected by CVE-2022-0316

Aidreform Project » Aidreform » Version: N/A

cpe:2.3:a:aidreform_project:aidreform:-
Chimpgroup » Bolster » Version: N/A

cpe:2.3:a:chimpgroup:bolster:-
Chimpgroup » Spikes » Version: N/A

cpe:2.3:a:chimpgroup:spikes:-
Chimpgroup » Westand » Version: N/A

cpe:2.3:a:chimpgroup:westand:-
Club-Theme Project » Club-Theme » Version: N/A

cpe:2.3:a:club-theme_project:club-theme:-
Footysquare Project » Footysquare » Version: N/A

cpe:2.3:a:footysquare_project:footysquare:-
Pixfill » Kings Club » Version: N/A

cpe:2.3:a:pixfill:kings_club:-
Soundblast Project » Soundblast » Version: N/A

cpe:2.3:a:soundblast_project:soundblast:-
Spikes-Black Project » Spikes-Black » Version: N/A

cpe:2.3:a:spikes-black_project:spikes-black:-
Statfort Project » Statfort » Version: N/A

cpe:2.3:a:statfort_project:statfort:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-0316

Products

Pricing

Contact Us