CVE-2022-33970 : Authenticated WordPress Options Change vulnerability in Biplob018 Shortcode Addo

Authenticated WordPress Options Change vulnerability in Biplob018 Shortcode Addons plugin <= 3.1.2 at WordPress.

Published 2022-07-27 14:15:08

Updated 2023-06-29 15:46:07

Source Patchstack

View at NVD, CVE.org

Products affected by CVE-2022-33970

Oxilab » Shortcode Addons » For Wordpress
Versions before (<) 3.2.0
cpe:2.3:a:oxilab:shortcode_addons:*:*:*:*:*:wordpress:*:*
Matching versions

EPSS FAQ

0.32%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 54 %

Percentile, the proportion of vulnerabilities that are scored at or less

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.2	HIGH	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	1.2	5.9	Patchstack
Attack Vector: Network Attack Complexity: Low Privileges Required: High User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
7.2	HIGH	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	1.2	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: High User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

https://patchstack.com/database/vulnerability/shortcode-addons/wordpress-shortcode-addons-plugin-3-1-2-authenticated-wordpress-options-change-vulnerability

WordPress Shortcode Addons plugin <= 3.1.2 - Authenticated WordPress Options Change vulnerability - Patchstack
Third Party Advisory
https://wordpress.org/plugins/shortcode-addons/#developers

Shortcode Addons- with Visual Composer, Divi, Beaver Builder and Elementor Extension – WordPress plugin | WordPress.org
Product;Release Notes

CVEs referencing this url

Jump to