CVE-2022-4060
User Post Gallery <= 2.19 - Unauthenticated RCE
The User Post Gallery WordPress plugin through 2.19 does not limit what callback functions can be called by users, making it possible to any visitors to run code on sites running it.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Unknown · User Post Gallerypublic PoCs found — 2
githubgithub.com/im-hanzou/UPGer★ 8cve_referencewpscan.com/vulnerability/8f982ebd-6fc5-452d-8280-42e027d01b1eunverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →