CVE-2022-1390

CRITICAL EXPLOITED NUCLEI

Admin Word Count Column < 2.2 - Path Traversal

Title source: rule

Description

The Admin Word Count Column WordPress plugin through 2.2 does not validate the path parameter given to readfile(), which could allow unauthenticated attackers to read arbitrary files on server running old version of PHP susceptible to the null byte technique. This could also lead to RCE by using a Phar Deserialization technique

Nuclei Templates (1)

WordPress Admin Word Count Column 2.2 - Local File Inclusion

CRITICALby daffainfo,Splint3r7

References (2)

[Exploit, Third Party Advisory] https://wpscan.com/vulnerability/6293b319-dc4f-4412-9d56-55744246c990

[Exploit, Third Party Advisory, VDB Entry] https://packetstormsecurity.com/files/166476/

Scores

CVSS v3 9.8

EPSS 0.9115

EPSS Percentile 99.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2023-11-27

CWE

CWE-22

Status published

Products (1)

admin_word_count_column_project/admin_word_count_column < 2.2

Published Apr 25, 2022

Tracked Since Feb 18, 2026