CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-0779

The User Meta WordPress plugin before 2.4.4 does not validate the filepath parameter of its um_show_uploaded_file AJAX action, which could allow low privileged users such as subscriber to enumerate the local files on the web server via path traversal payloads

Exploit prediction scoring system (EPSS) score

EPSS Score 0.151

EPSS Ranking 94.3%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.0

References

Products affected by CVE-2022-0779

User-Meta » User Meta User Profile Builder And User Management » Version: 1.0.0

cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:1.0.0
User-Meta » User Meta User Profile Builder And User Management » Version: 1.0.1

cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:1.0.1
User-Meta » User Meta User Profile Builder And User Management » Version: 1.0.2

cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:1.0.2
User-Meta » User Meta User Profile Builder And User Management » Version: 1.0.3

cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:1.0.3
User-Meta » User Meta User Profile Builder And User Management » Version: 1.0.5

cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:1.0.5
User-Meta » User Meta User Profile Builder And User Management » Version: 1.1.0

cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:1.1.0
User-Meta » User Meta User Profile Builder And User Management » Version: 1.1.1

cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:1.1.1
User-Meta » User Meta User Profile Builder And User Management » Version: 1.1.2

cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:1.1.2
User-Meta » User Meta User Profile Builder And User Management » Version: 1.1.3

cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:1.1.3
User-Meta » User Meta User Profile Builder And User Management » Version: 1.1.4

cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:1.1.4
User-Meta » User Meta User Profile Builder And User Management » Version: 1.1.4.1

cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:1.1.4.1
User-Meta » User Meta User Profile Builder And User Management » Version: 1.1.5

cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:1.1.5
User-Meta » User Meta User Profile Builder And User Management » Version: 1.1.6

cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:1.1.6
User-Meta » User Meta User Profile Builder And User Management » Version: 1.1.7

cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:1.1.7
User-Meta » User Meta User Profile Builder And User Management » Version: 1.1.7.1

cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:1.1.7.1
User-Meta » User Meta User Profile Builder And User Management » Version: 1.2

cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:1.2
User-Meta » User Meta User Profile Builder And User Management » Version: 1.2.1

cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:1.2.1
User-Meta » User Meta User Profile Builder And User Management » Version: 1.3

cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:1.3
User-Meta » User Meta User Profile Builder And User Management » Version: 1.4

cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:1.4
User-Meta » User Meta User Profile Builder And User Management » Version: 1.4.1

cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:1.4.1
User-Meta » User Meta User Profile Builder And User Management » Version: 1.4.2

cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:1.4.2
User-Meta » User Meta User Profile Builder And User Management » Version: 1.4.3

cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:1.4.3
User-Meta » User Meta User Profile Builder And User Management » Version: 2.0

cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:2.0
User-Meta » User Meta User Profile Builder And User Management » Version: 2.0.1

cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:2.0.1
User-Meta » User Meta User Profile Builder And User Management » Version: 2.0.2

cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:2.0.2
User-Meta » User Meta User Profile Builder And User Management » Version: 2.1

cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:2.1
User-Meta » User Meta User Profile Builder And User Management » Version: 2.2

cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:2.2
User-Meta » User Meta User Profile Builder And User Management » Version: 2.2.1

cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:2.2.1
User-Meta » User Meta User Profile Builder And User Management » Version: 2.3

cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:2.3
User-Meta » User Meta User Profile Builder And User Management » Version: 2.4

cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:2.4
User-Meta » User Meta User Profile Builder And User Management » Version: 2.4.1

cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:2.4.1
User-Meta » User Meta User Profile Builder And User Management » Version: 2.4.2

cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:2.4.2
User-Meta » User Meta User Profile Builder And User Management » Version: 2.4.3

cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:2.4.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-0779

Products

Pricing

Contact Us