How severe is CVE-2022-3180?

CVE-2022-3180 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2022-3180

Name: wpgateway
Author: wpgateway

9.8CRITICAL

The WPGateway Plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 3.5. This allows unauthenticated attackers to create arbitrary malicious administrator accoun

Publicado: 2/11/2025Atualizado: 6/5/2025

Descrição

The WPGateway Plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 3.5. This allows unauthenticated attackers to create arbitrary malicious administrator accounts.

Análise IADesenvolvido por IA

Produtos Afetados

wpgatewaywpgateway

Referências

https://www.wordfence.com/blog/2022/09/psa-zero-day-vulnerability-in-wpgateway-actively-exploited-in-the-wild/
Third Party Advisory
https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/wpgateway/wpgateway-35-unauthenticated-privilege-escalation
Third Party Advisory