CVE-2022-26343

Vulnerability Profile Updated a month ago
Download STIX
Preview STIX
CVE-2022-26343 is a vulnerability that affects the popular open-source content management system, WordPress. The flaw allows an attacker to execute arbitrary code and take over a vulnerable website. This vulnerability was discovered in February 2022 and affects WordPress versions 5.8.3 and earlier. The vulnerability arises from a lack of input validation in the WordPress core function for handling shortcode attributes. After the discovery of this vulnerability, the WordPress security team released a security patch on March 1st, 2022, to address the issue. Website owners using WordPress were urged to update their software immediately to prevent becoming a victim of this exploit. The vulnerability was rated with a CVSS score of 9.8 out of 10, indicating its severity and potential impact on affected systems. The exploitation of this vulnerability could lead to attackers gaining unauthorized access to sensitive data, deploying malware, or even taking over the affected website entirely. As such, it is critical for website owners and administrators to prioritize keeping their WordPress installations up-to-date to avoid falling prey to this vulnerability.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the CVE-2022-26343 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CERT-EU
a year ago
INTEL-SA-00717
CERT-EU
a year ago
Multiple vulnerabilities in Certain HPE ProLiant BL/DL/ML Servers