How severe is CVE-2022-3180?

CVE-2022-3180 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2022-3180

Name: wpgateway
Author: wpgateway

9.8CRITICAL

The WPGateway Plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 3.5. This allows unauthenticated attackers to create arbitrary malicious administrator accoun

Опубликовано: 2/11/2025Обновлено: 6/5/2025

Описание

The WPGateway Plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 3.5. This allows unauthenticated attackers to create arbitrary malicious administrator accounts.

ИИ-АнализНа базе ИИ

Затронутые продукты

wpgatewaywpgateway

Ссылки

https://www.wordfence.com/blog/2022/09/psa-zero-day-vulnerability-in-wpgateway-actively-exploited-in-the-wild/
Third Party Advisory
https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/wpgateway/wpgateway-35-unauthenticated-privilege-escalation
Third Party Advisory