CVE-2022-4109

Description

The Wholesale Market for WooCommerce WordPress plugin before 2.0.0 does not validate user input against path traversal attacks, allowing high privilege users such as admin to download arbitrary logs from the server even when they should not be able to (for example in multisite)

CVSS Version 3.1

nvd
CVE ID: CVE-2022-4109
Base Score: 2.7
Base Severity: LOW
Vector String:CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Impact Score: 1.4
Exploitability Score: 1.2

Content on GitHub

halsey51013 | watchers:20

UpdateWindowsRE-CVE-2022-41099
Script to update Windows Recovery Environment to patch against CVE-2022-41099

Refrence: GitHub

o0MattE0o | watchers:3

CVE-2022-41099-Fix
Update WINRE.WIM file to fix CVE-2022-41099

Refrence: GitHub

dsn1321 | watchers:0

KB5025175-CVE-2022-41099

Refrence: GitHub

Refrence: NVD

Description​

Content on GitHub​

Description

Content on GitHub