Security Vulnerabilities - CVEs Published In August 2022
The Auto-hyperlink URLs WordPress plugin through 5.4.1 does not set rel="noopener noreferer" on generated links, which can lead to Tab Nabbing by giving the target site access to the source tab through the window.opener DOM object.
CVSS Score
5.4
EPSS Score
0.001
Published
2022-08-22
An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to crash the system.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-08-22
PHP Object Injection vulnerability in Easy Digital Downloads plugin <= 3.0.1 at WordPress.
CVSS Score
4.1
EPSS Score
0.002
Published
2022-08-22
Authentication Bypass vulnerability in miniOrange WP OAuth Server plugin <= 3.0.4 at WordPress.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-08-22
The Transposh WordPress Translation WordPress plugin through 1.0.8 exposes a couple of sensitive actions such has “tp_reset” under the Utilities tab (/wp-admin/admin.php?page=tp_utils), which can be used/executed as the lowest-privileged user. Basically all Utilities functionalities are vulnerable this way, which involves resetting configurations and backup/restore operations.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-08-22
The Transposh WordPress Translation WordPress plugin through 1.0.8 does not sanitise and escape the order and orderby parameters before using them in a SQL statement, leading to a SQL injection
CVSS Score
7.2
EPSS Score
0.005
Published
2022-08-22
The Transposh WordPress Translation WordPress plugin before 1.0.8 does not validate its debug settings, which could allow allowing high privilege users such as admin to perform RCE
CVSS Score
7.2
EPSS Score
0.004
Published
2022-08-22
The LinkWorth WordPress plugin before 3.3.4 does not implement nonce checks, which could allow attackers to make a logged in admin change settings via a CSRF attack.
CVSS Score
4.3
EPSS Score
0.001
Published
2022-08-22
The WPQA Builder WordPress plugin before 5.7 which is a companion plugin to the Hilmer and Discy , does not check authorization before displaying private messages, allowing any logged in user to read other users private message using the message id, which can easily be brute forced.
CVSS Score
4.3
EPSS Score
0.002
Published
2022-08-22
The WP Edit Menu WordPress plugin before 1.5.0 does not have CSRF in an AJAX action, which could allow attackers to make a logged in admin delete arbitrary posts/pages from the blog via a CSRF attack
CVSS Score
4.3
EPSS Score
0.001
Published
2022-08-22