CVE-2022-29445

High

Authenticated (administrator or higher role) Local File Inclusion (LFI) vulnerability in Wow-Company's Popup Box plugin <= 2.1.2 at…

Patchstack·CWE-706·Published 2022-05-18

CVSS

7.2

EPSS

0.01

KEV

Exploits

cve.orgen

142 chars

Authenticated (administrator or higher role) Local File Inclusion (LFI) vulnerability in Wow-Company's Popup Box plugin <= 2.1.2 at WordPress.

NVDen

142 chars

Authenticated (administrator or higher role) Local File Inclusion (LFI) vulnerability in Wow-Company's Popup Box plugin <= 2.1.2 at WordPress.

Una vulnerabilidad de inclusión de archivos locales (LFI) autenticada (administrador o rol superior) en el plugin Popup Box de Wow-Company versiones anteriores a 2.1.2 incluyéndola, en WordPress

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.5	8.0	6.4	AV:N/AC:L/Au:S/C:P/I:P/A:P
3.1	Primary	NVD	7.2	1.2	5.9	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
3.1	Primary	cve.org	6.8	—	—	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
3.1	Primary	cve.org	6.8	—	—	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
3.1	Secondary	NVD	6.8	0.9	5.9	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H