CVE-2022-33198

CRITICAL EXPLOITED NUCLEI

Accordions <2.0.2 - Info Disclosure

Title source: llm

CVE-2022-33198 has been observed exploited in the wild (reported by VulnCheck KEV). A Nuclei detection template is also available.

Unauthenticated WordPress Options Change vulnerability in Biplob Adhikari's Accordions plugin <= 2.0.2 at WordPress.

WordPress Accordions - Unauthenticated Settings Update

CRITICALVERIFIEDby riteshs4hu

Core 2

Core References

Release Notes, Third Party Advisory x_refsource_confirm

Release Notes, Third Party Advisory x_refsource_confirm

CVSS v3 9.8

EPSS 0.0260

EPSS Percentile 83.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

VulnCheck KEV 2022-06-30

CWE

CWE-264

Status published

Products (2)

Biplob Adhikari/Accordions (WordPress plugin) <= 2.0.2 - 2.0.2

oxilab/accordions < 2.0.3

Published Jul 21, 2022

Tracked Since Feb 18, 2026