CVE-2022-45359

CVSS V2 None CVSS V3 None

Description

Unauth. Arbitrary File Upload vulnerability in YITH WooCommerce Gift Cards premium plugin <= 3.19.0 on WordPress.

Overview

CVE ID
CVE-2022-45359

Assigner
audit@patchstack.com

Vulnerability Status
Analyzed

Published Version
2022-12-06T21:15:10

Last Modified Date
2022-12-07T21:50:37

Weakness Enumerations

CWE	URL
CWE-434	http://cwe.mitre.org/data/definitions/434.html

CPE Configuration (Product)

CPE	Vulnerable	Operator	Version Start	Version End
cpe:2.3:a:yithemes:yith_woocommerce_gift_cards:::::premium:wordpress::	1	OR		3.19.0

References

Reference URL	Reference Tags
https://patchstack.com/database/vulnerability/yith-woocommerce-gift-cards-premium/wordpress-yith-woocommerce-gift-cards-premium-plugin-3-19-0-unauth-arbitrary-file-upload-vulnerability?_s_id=cve

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2022-45359
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45359

History

Created	Old Value	New Value	Data Type	Notes
2022-12-07 18:06:51				Added to TrackCVE
2022-12-07 18:15:37	2022-12-06T21:15:10.207	2022-12-06T21:15:10	CVE Published Date	updated
2022-12-07 18:15:37		2022-12-07T04:52:18	CVE Modified Date	updated
2022-12-07 18:15:37	Awaiting Analysis	Undergoing Analysis	Vulnerability Status	updated
2022-12-07 22:15:03		2022-12-07T21:50:37	CVE Modified Date	updated
2022-12-07 22:15:03	Undergoing Analysis	Analyzed	Vulnerability Status	updated
2022-12-07 22:15:04			CPE Information	updated