CVE-2022-31475

Summary

Authenticated (custom plugin role) Arbitrary File Read via Export function vulnerability in GiveWP's GiveWP plugin <= 2.20.2 at WordPress.

Affected Software

VendorProductVersion RangeStatus
GiveWPGiveWP (WordPress plugin)<= 2.20.2 <= 2.20.2affected

Weaknesses

  • Arbitrary File Read

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References