Vulnerability Description
The Transposh WordPress Translation WordPress plugin before 1.0.8 does not validate its debug settings, which could allow allowing high privilege users such as admin to perform RCE
CVSS Score
7.2
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Transposh | Transposh Wordpress Translation | < 1.0.8 |
Related Weaknesses (CWE)
References
- https://wpscan.com/vulnerability/1f6bd346-4743-44b8-86d7-4fbe09bad657ExploitThird Party Advisory
- https://wpscan.com/vulnerability/1f6bd346-4743-44b8-86d7-4fbe09bad657ExploitThird Party Advisory
FAQ
What is CVE-2022-25812?
CVE-2022-25812 is a vulnerability with a CVSS score of 7.2 (HIGH). The Transposh WordPress Translation WordPress plugin before 1.0.8 does not validate its debug settings, which could allow allowing high privilege users such as admin to perform RCE
How severe is CVE-2022-25812?
CVE-2022-25812 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-25812?
Check the references section above for vendor advisories and patch information. Affected products include: Transposh Transposh Wordpress Translation.