Vulnerabilites related to Unknown - InPost Gallery
cve-2022-4063
Vulnerability from cvelistv5
Published
2022-12-19 13:41
Modified
2024-08-03 01:27
Severity ?
Summary
The InPost Gallery WordPress plugin before 2.1.4.1 insecurely uses PHP's extract() function when rendering HTML views, allowing attackers to force the inclusion of malicious files & URLs, which may enable them to run code on servers.
References
https://wpscan.com/vulnerability/6bb07ec1-f1aa-4f4b-9717-c92f651a90a7exploit, vdb-entry, technical-description
Impacted products
Vendor Product Version
Unknown InPost Gallery Version: 0   < 2.1.4.1
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T01:27:54.195Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "exploit",
              "vdb-entry",
              "technical-description",
              "x_transferred"
            ],
            "url": "https://wpscan.com/vulnerability/6bb07ec1-f1aa-4f4b-9717-c92f651a90a7"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://wordpress.org/plugins",
          "defaultStatus": "unaffected",
          "product": "InPost Gallery",
          "vendor": "Unknown",
          "versions": [
            {
              "lessThan": "2.1.4.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "cydave"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The InPost Gallery WordPress plugin before 2.1.4.1 insecurely uses PHP\u0027s extract() function when rendering HTML views, allowing attackers to force the inclusion of malicious files \u0026 URLs, which may enable them to run code on servers."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-12-19T13:41:37.739Z",
        "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
        "shortName": "WPScan"
      },
      "references": [
        {
          "tags": [
            "exploit",
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://wpscan.com/vulnerability/6bb07ec1-f1aa-4f4b-9717-c92f651a90a7"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "InPost Gallery \u003c 2.1.4.1 - Unauthenticated LFI to RCE",
      "x_generator": {
        "engine": "WPScan CVE Generator"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
    "assignerShortName": "WPScan",
    "cveId": "CVE-2022-4063",
    "datePublished": "2022-12-19T13:41:37.739Z",
    "dateReserved": "2022-11-18T19:48:29.662Z",
    "dateUpdated": "2024-08-03T01:27:54.195Z",
    "requesterUserId": "dc9e157c-ddf1-4983-adaf-9f01d16b5e04",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}