CVE-2022-1390
CRITICAL EXPLOITED NUCLEIAdmin Word Count Column < 2.2 - Unauthenticated Path Traversal and Remote Code Execution via Null Byte Technique
Title source: llmExploitation Summary
CVE-2022-1390 has been observed exploited in the wild (reported by VulnCheck KEV). A Nuclei detection template is also available.
Description
The Admin Word Count Column WordPress plugin through 2.2 does not validate the path parameter given to readfile(), which could allow unauthenticated attackers to read arbitrary files on server running old version of PHP susceptible to the null byte technique. This could also lead to RCE by using a Phar Deserialization technique
Nuclei Templates (1)
WordPress Admin Word Count Column 2.2 - Local File Inclusion
CRITICALby daffainfo,Splint3r7
References (2)
Core 2
Core References
Exploit, Third Party Advisory x_refsource_misc
https://wpscan.com/vulnerability/6293b319-dc4f-4412-9d56-55744246c990
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
https://packetstormsecurity.com/files/166476/
Scores
CVSS v3
9.8
EPSS
0.2213
EPSS Percentile
97.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
VulnCheck KEV
2023-11-27
CWE
CWE-22
Status
published
Products (1)
admin_word_count_column_project/admin_word_count_column
< 2.2
Published
Apr 25, 2022
Tracked Since
Feb 18, 2026