CVE-2022-2046
MEDIUMDirectorist < 7.2.3 - Authenticated Arbitrary Plugin Installation via Unrestricted URL Domain
Title source: llmDescription
The Directorist WordPress plugin before 7.2.3 allows administrators to download other plugins from the same vendor directly to the site, but does not check the URL domain it gets the zip files from. This could allow administrators to run code on the server, which is a problem in multisite configurations.
References (2)
Core 2
Core References
Exploit, Third Party Advisory x_refsource_misc
https://wpscan.com/vulnerability/03a04eab-be47-4195-af77-0df2a32eb807
Third Party Advisory x_refsource_confirm
https://plugins.trac.wordpress.org/changeset/2752034/directorist?contextall=1&old=2731298&old_path=%2Fdirectorist
Scores
CVSS v3
4.9
EPSS
0.0076
EPSS Percentile
50.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-434
Status
published
Products (1)
wpwax/directorist
< 7.2.3
Published
Aug 08, 2022
Tracked Since
Feb 18, 2026