CVE-2022-50953

MEDIUM

WordPress Plugin admin-word-count-column 2.2 Local File Read

Title source: cna

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-50953. PoCs published by Hassan Khan Yusufzai.

AI-analyzed exploit summary: The exploit demonstrates a local file read vulnerability in the WordPress plugin 'admin-word-count-column' version 2.2. The vulnerable code in 'download-csv.php' uses user-controlled input from the 'path' parameter without proper sanitization, allowing directory traversal via null byte injection to read arbitrary files on the server.

Description

WordPress Plugin admin-word-count-column 2.2 contains a local file read vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting null byte injection in the path parameter. Attackers can send GET requests to download-csv.php with a crafted path parameter containing directory traversal sequences and null bytes to bypass file restrictions and read sensitive files like system configuration.
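A detection sketch for the request pattern described above, added here as an example and not taken from the advisory or the plugin: it scans web access logs for requests to download-csv.php whose path parameter decodes to a null byte or a directory traversal sequence. The combined log format, the plugin directory in the URLs and every sample log line are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample lines (combined log format). The plugin directory is an
# assumed standard WordPress layout; file names and addresses are placeholders.
SAMPLE_LOG = """\
203.0.113.5 - - [08/Jun/2026:10:00:01 +0000] "GET /wp-content/plugins/admin-word-count-column/download-csv.php?path=report.csv HTTP/1.1" 200 512
203.0.113.9 - - [08/Jun/2026:10:00:07 +0000] "GET /wp-content/plugins/admin-word-count-column/download-csv.php?path=..%2F..%2Fexample.txt%00 HTTP/1.1" 200 3120
198.51.100.4 - - [08/Jun/2026:10:01:12 +0000] "GET /wp-content/plugins/admin-word-count-column/download-csv.php?path=%252e%252e%252fexample.txt%2500 HTTP/1.1" 404 0
198.51.100.4 - - [08/Jun/2026:10:01:15 +0000] "GET /index.php?path=..%2F HTTP/1.1" 200 900
"""

REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')
# ".." as a whole path segment, with / or \ separators, or cut short by a NUL.
TRAVERSAL_RE = re.compile(r'(^|[\\/])\.\.([\\/]|$|\x00)')

def fully_decode(value, rounds=3):
    """Percent-decode repeatedly so double-encoded input (%252e) is normalised."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify(path_value):
    """Return the reasons a 'path' value is suspicious (empty list if none)."""
    value = fully_decode(path_value)
    reasons = []
    if "\x00" in value:
        reasons.append("null-byte")
    if TRAVERSAL_RE.search(value):
        reasons.append("traversal")
    return reasons

def scan(log_text):
    """Return (client_ip, status, reasons) for each suspicious request."""
    findings = []
    for line in log_text.splitlines():
        match = REQUEST_RE.match(line)
        if not match:
            continue
        ip, _method, target, status = match.groups()
        url = urlsplit(target)
        if not url.path.lower().endswith("/download-csv.php"):
            continue  # only the script named in the advisory
        for raw in parse_qs(url.query, keep_blank_values=True).get("path", []):
            reasons = classify(raw)
            if reasons:
                findings.append((ip, int(status), reasons))
    return findings

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

A hit with status 200 and an unusually large response size is the one to triage first, since it suggests the file contents were returned.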

Exploits (1)

exploitdb WORKING POC
by Hassan Khan Yusufzai · text · webapps · php
https://www.exploit-db.com/exploits/50845

Classification: Working PoC 100%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: WordPress Plugin admin-word-count-column 2.2
No auth needed
Prerequisites: PHP version 5.3.2 or below · WordPress plugin 'admin-word-count-column' version 2.2 installed
devstral-2 · analyzed Jun 08, 2026

References (3)

Core References
Exploit: ExploitDB-50845
https://www.exploit-db.com/exploits/50845
Product: Official Product Homepage
https://wordpress.org/plugins/admin-word-count-column/
Third Party Advisory: VulnCheck Advisory: WordPress Plugin admin-word-count-column 2.2 Local File Read
https://www.vulncheck.com/advisories/wordpress-plugin-admin-word-count-column-local-file-read

Scores

CVSS v3 6.2
EPSS 0.0031
EPSS Percentile 22.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-22
Status published
Products (1)
brooks24/admin-word-count-column 2.2
Published Jun 08, 2026
Tracked Since Jun 08, 2026