CVE-2022-1551

Summary

The SP Project & Document Manager WordPress plugin before 4.58 uses an easily guessable path to store user files, bad actors could use that to access other users' sensitive files.

Affected Software

VendorProductVersion RangeStatus
UnknownSP Project & Document Manager0 < 4.58affected

Weaknesses

  • CWE-425 Direct Request ('Forced Browsing')

ADP Enrichment

CVE Program Container

Additional References

References