CVE-2022-1119
- Reference to the description:
- Description:
- The Simple File List WordPress plugin is vulnerable to Arbitrary File Download via the eeFile parameter found in the ~/includes/ee-downloader.php file due to missing controls which makes it possible unauthenticated attackers to supply a path to a file that will subsequently be downloaded, in versions up to and including 3.2.7.
- Last updated date:
- 01/11/2024
Reports
ACTIVELY EXPLOITED
- Type:
- exploitation
- Confidence:
- HIGH
- Date of publishing:
- 11/16/2022
- Reference url to background
https://unit42.paloaltonetworks.com/network-security-trends-update/
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 04/27/2022
- Reference url to background
https://docs.google.com/document/d/1qIZXTzEpI4tO6832vk1KfsSAroT0FY2l--THlhJ8z3c/edit
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 04/27/2022
- Reference url to background
https://wpscan.com/vulnerability/075a3cc5-1970-4b64-a16f-3ec97e22b606
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 07/29/2022
- Reference url to background