Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2022-0377

CWE-327Broken Cryptographic AlgorithmCWE-610CWE-734 documents4 sources
Severity
4.3MEDIUM
EPSS
3.0%
top 13.33%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Unknown LearnpressThimpress Learnpress
Timeline
PublishedFeb 28
Latest updateMar 1

Description

Users of the LearnPress WordPress plugin before 4.1.5 can upload an image as a profile avatar after the registration. After this process the user crops and saves the image. Then a "POST" request that contains user supplied name of the image is sent to the server for renaming and cropping of the image. As a result of this request, the name of the user-supplied image is changed with a MD5 value. This process can be conducted only when type of the image is JPG or PNG. An attacker can use this vulne

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5unknown/learnpress< 4.1.5

Patches

Patch: github.comPatch: github.com

🔴Vulnerability Details

2
GHSA
GHSA-6mqq-rw6c-7747: Users of the LearnPress WordPress plugin before 42022-03-01
CVEList
LearnPress < 4.1.5 - Arbitrary Image Renaming2022-02-28

💥Exploits & PoCs

1
Exploit-DB
WordPress Plugin Learnpress 4.1.4.1 - Arbitrary Image Renaming2022-02-02
CVE-2022-0377 (MEDIUM CVSS 4.3) | Users of the LearnPress WordPress p | cvebase.io