Vulnerability Details : CVE-2022-44634
Auth. (admin+) Arbitrary File Read vulnerability in S2W – Import Shopify to WooCommerce plugin <= 1.1.12 on WordPress.
Products affected by CVE-2022-44634
- Villatheme » S2w - Import Shopify To Woocommerce » For WordpressVersions up to, including, (<=) 1.1.12cpe:2.3:a:villatheme:s2w_-_import_shopify_to_woocommerce:*:*:*:*:*:wordpress:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-44634
0.06%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 27 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2022-44634
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.9
|
MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N |
1.2
|
3.6
|
Patchstack | |
4.9
|
MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N |
1.2
|
3.6
|
NIST |
References for CVE-2022-44634
-
https://wordpress.org/plugins/import-shopify-to-woocommerce/#developers
S2W – Import Shopify to WooCommerce – WordPress plugin | WordPress.orgProduct;Third Party Advisory
-
https://patchstack.com/database/vulnerability/import-shopify-to-woocommerce/wordpress-s2w-import-shopify-to-woocommerce-plugin-1-1-12-auth-local-file-inclusion-lfi-vulnerability?_s_id=cve
WordPress S2W – Import Shopify to WooCommerce plugin <= 1.1.12 - Auth. Arbitrary File Read vulnerability - PatchstackThird Party Advisory
Jump to