The Advanced Custom Fields WordPress plugin before 5.12.3, Advanced Custom Fields Pro WordPress plugin before 5.12.3 allows unauthenticated users to upload files allowed in a default WP configuration (so PHP is not possible) if there is a frontend form available. This vulnerability was introduced in the 5.0 rewrite and did not exist prior to that release.
References
| Link | Resource |
|---|---|
| https://wpscan.com/vulnerability/3fde5336-552c-4861-8b4d-89a16735c0e2 | Exploit Third Party Advisory |
| https://www.pritect.net/blog/advanced-custom-fields-5-12-3-can-allow-unauthenticated-users-to-upload-arbitrary-files | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
23 Aug 2022, 19:16
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
| CWE | CWE-434 | |
| CPE | cpe:2.3:a:advancedcustomfields:advanced_custom_fields:*:*:*:*:*:wordpress:*:* cpe:2.3:a:advancedcustomfields:advanced_custom_fields:*:*:*:*:pro:wordpress:*:* |
|
| First Time |
Advancedcustomfields
Advancedcustomfields advanced Custom Fields |
|
| References | (MISC) https://wpscan.com/vulnerability/3fde5336-552c-4861-8b4d-89a16735c0e2 - Exploit, Third Party Advisory | |
| References | (MISC) https://www.pritect.net/blog/advanced-custom-fields-5-12-3-can-allow-unauthenticated-users-to-upload-arbitrary-files - Third Party Advisory |
22 Aug 2022, 15:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2022-08-22 15:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-2594
Mitre link : CVE-2022-2594
CVE.ORG link : CVE-2022-2594
JSON object : View
Products Affected
advancedcustomfields
- advanced_custom_fields
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type