CVE-2022-50953

WordPress Plugin admin-word-count-column 2.2 Local File Read

CVSS 6.9 MEDIUMEPSS 0.3%CWE-22

WordPress Plugin admin-word-count-column 2.2 contains a local file read vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting null byte injection in the path parameter. Attackers can send GET requests to download-csv.php with a crafted path parameter containing directory traversal sequences and null bytes to bypass file restrictions and read sensitive files like system configuration.

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Affected products

brooks24 · admin-word-count-column

public PoCs found — 1

cve_referencewww.exploit-db.com/exploits/50845unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://wordpress.org/plugins/admin-word-count-column/https://www.exploit-db.com/exploits/50845 https://www.vulncheck.com/advisories/wordpress-plugin-admin-word-count-column-local-file-read