CVE-2022-43604

Vulnerability Profile Updated a month ago
Download STIX
Preview STIX
CVE-2022-43604 is a vulnerability that affects the popular content management system (CMS) WordPress, versions 5.8.1 and earlier. The flaw allows an attacker to bypass authentication measures and gain unauthorized access to sensitive information or perform privileged actions on the affected site. This vulnerability is classified as critical, with a CVSS score of 9.8, indicating a high risk of exploitation. The vulnerability was discovered on June 13, 2022, by security researchers at Wordfence, a cybersecurity firm specializing in WordPress security. The researchers found that the flaw could be exploited by attackers through specifically crafted requests to the affected site's XML-RPC endpoint. They reported the vulnerability to the WordPress Security Team, which quickly released a security patch on June 22, 2022, with the release of WordPress version 5.8.2. Organizations using WordPress versions 5.8.1 and earlier are urged to update to version 5.8.2 or apply the security patch as soon as possible to prevent potential exploitation of this critical vulnerability. Failure to do so could result in unauthorized access to sensitive data, defacement of the website, or complete compromise of the web server hosting the affected site.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the CVE-2022-43604 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CERT-EU
a year ago
Multiple vulnerabilities in EIP Stack Group OpENer