Vulnerability CVE-2022-2354
Published: 2022-08-15

Description:
The WP-DBManager WordPress plugin before 2.80.8 does not prevent administrators from running arbitrary commands on the server in multisite installations, where only super-administrators should.

Type:

CWE-94

 (Improper Control of Generation of Code ('Code Injection'))

 References:
https://wpscan.com/vulnerability/1c8c5861-ce87-4813-9e26-470d63c1903a
Copyright 2024, cxsecurity.com

 

Back to Top