CVE-2022-0594

The Professional Social Sharing Buttons, Icons & Related Posts WordPress plugin before 9.7.6 does not have proper authorisation check in one of the AJAX action, available to unauthenticated (in v < 9.7.5) and author+ (in v9.7.5) users, allowing them to call it and retrieve various information such as the list of active plugins, various version like PHP, cURL, WP etc.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:shareaholic:shareaholic:*:*:*:*:*:wordpress:*:*

Information

Published : 2022-07-25 06:15

Updated : 2022-11-04 20:15


NVD link : CVE-2022-0594

Mitre link : CVE-2022-0594


JSON object : View

CWE
CWE-863

Incorrect Authorization

Advertisement

dedicated server usa

Products Affected

shareaholic

  • shareaholic