Vulnerability Details CVE-2022-2367
The WSM Downloader WordPress plugin through 1.4.0 allows only specific popular websites to download images/files from, this can be bypassed due to the lack of good "link" parameter validation
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 66.5%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2022-2367
-
cpe:2.3:a:wsm_downloader_project:wsm_downloader:1.4.0