CVE-2022-40216

MEDIUM

Wordplus Better Messages < 1.9.10.71 - Improper Access Control

Title source: rule

Description

Auth. (subscriber+) Messaging Block Bypass vulnerability in Better Messages plugin <= 1.9.10.69 on WordPress.

Exploits (1)

github STUB 2 stars
by dhakalananda · poc
https://github.com/dhakalananda/cves/tree/main/CVE-2022-40216

References (2)

Scores

CVSS v3 4.3
EPSS 0.0019
EPSS Percentile 40.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-284
Status published
Products (1)
wordplus/better_messages < 1.9.10.71
Published Nov 18, 2022
Tracked Since Feb 18, 2026