logo
Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2022-3383

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2022-3383

Description:
The Ultimate Member plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 2.5.0 via the get_option_value_from_callback function that accepts user supplied input and passes it through call_user_func(). This makes it possible for authenticated attackers, with administrative capabilities, to execute code on the server.
Last updated date:
06/29/2023
Type:
exploit
Confidence:
HIGH
Date of publishing:
12/01/2022
Reference url to background

https://github.com/H4de5-7/vulnerabilities/blob/main/CVE-2022-3383%20%26%26%20CVE-2022-3384.md

Type:
exploit
Confidence:
HIGH
Date of publishing:
12/01/2022
Vulnerability FeedContributorsAboutBlog

@inTheWild

©2024

Privacy Policy