CVE-2022-2377
Directorist < 7.3.0 - Subscriber+ Arbitrary E-mail Sending
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
The Directorist WordPress plugin before 7.3.0 does not have authorisation and CSRF checks in an AJAX action, allowing any authenticated users to send arbitrary emails on behalf of the blog
El plugin Directorist de WordPress versiones anteriores a 7.3.0, carece de comprobaciones de autorización y de tipo CSRF en una acción AJAX, lo que permite a cualquier usuario autenticado enviar correos electrónicos arbitrarios en nombre del blog
The Directorist – WordPress Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the send_announcement() function in versions up to, and including, 7.2.3. This makes it possible for authenticated attackers with subscriber level permissions to send arbitrary emails from the vulnerable WordPress site.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-07-11 CVE Reserved
- 2022-07-26 CVE Published
- 2024-08-03 CVE Updated
- 2024-08-03 First Exploit
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-352: Cross-Site Request Forgery (CSRF)
- CWE-862: Missing Authorization
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| https://wpscan.com/vulnerability/f4e606e9-0664-42fb-a59b-21de306eb530 | 2024-08-03 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Wpwax Search vendor "Wpwax" | Directorist Search vendor "Wpwax" for product "Directorist" | < 7.3.0 Search vendor "Wpwax" for product "Directorist" and version " < 7.3.0" | wordpress |
Affected
| ||||||