1 results (0.016 seconds)
CVSS: 9.0EPSS: 0%CPEs: 10EXPL: 0
CVE-2022-4950 – Cool Plugins (Various Versions) - Arbitrary Plugin Installation and Activation
https://notcve.org/view.php?id=CVE-2022-4950
04 Apr 2022 — Several WordPress plugins developed by Cool Plugins are vulnerable to arbitrary plugin installation and activation that can lead to remote code execution by authenticated attackers with minimal permissions, such as a subscriber. • https://blog.nintechnet.com/8-wordpress-plugins-fixed-high-severity-vulnerability • CWE-862: Missing Authorization •