CVE-2022-1565
Published: 2022-07-18
Priority: P3 55
Severity: high (CVSS 3.1 base score 7.2)
CVSS vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Exploit: available
EPSS: 11.34% (95.4th percentile)
The plugin WP All Import is vulnerable to arbitrary file uploads due to missing file type validation via the wp_all_import_get_gz.php file in versions up to, and including, 3.6.7. This makes it possible for authenticated attackers with administrator-level permissions and above to upload arbitrary files to the affected site's server, which may make remote code execution possible.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| wpallimport | wp_all_import | < 3.6.8 | 3.6.8 |
Detection & IOCs (extracted from sources)
- command: POST wp-admin/admin.php?page=pmxi-admin-settings&action=upload&_wpnonce=<nonce> with multipart field async-upload=<zip_payload>
- The exploit requires administrator-level authentication. Detections based solely on the upload action may generate false positives from legitimate admin imports; correlate with the prior Secure Mode disable POST to reduce noise.
- If the target site already has Secure Mode disabled, the exploit skips the settings-modification step entirely, so detections relying on the secure=0 POST will not fire.
- The exploit re-enables Secure Mode after the upload to cover its tracks; forensic analysis should check audit logs for the disable/re-enable cycle around the time of suspicious uploads.
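The three detection notes above describe one correlation rule: an upload to the pmxi-admin-settings page is high-confidence when the same actor sent a secure=0 settings POST shortly before (and optionally secure=1 shortly after), but an upload on its own still has to be flagged at lower confidence because Secure Mode may already have been off or the import may be legitimate. The script below, an added example that is not part of this page or of Wordfence or WP All Import tooling, implements that rule over a constructed log. Its assumptions: the log is JSON lines from a reverse proxy or WAF that records parsed form fields (so POST body parameters are visible), the Secure Mode field is named `secure` as in the secure=0 note above, and the 15-minute correlation window is an arbitrary choice.

```python
import json
from datetime import datetime, timedelta
from urllib.parse import parse_qs, urlparse

# Constructed sample log, not real traffic. The record layout (one JSON object per
# request with the parsed form fields, file contents omitted) is an assumption of this
# example: it is what a reverse proxy or WAF in front of WordPress could be configured to
# emit so that POST body parameters such as secure=0 become visible to detection.
SAMPLE_LOG = """
{"ts":"2022-07-20T10:00:01Z","ip":"203.0.113.7","user":"admin","method":"POST","url":"/wp-admin/admin.php?page=pmxi-admin-settings","form":{"secure":"0","_wpnonce":"aa11"}}
{"ts":"2022-07-20T10:00:09Z","ip":"203.0.113.7","user":"admin","method":"POST","url":"/wp-admin/admin.php?page=pmxi-admin-settings&action=upload&_wpnonce=aa11","form":{"async-upload":"shell.zip"}}
{"ts":"2022-07-20T10:00:15Z","ip":"203.0.113.7","user":"admin","method":"POST","url":"/wp-admin/admin.php?page=pmxi-admin-settings","form":{"secure":"1","_wpnonce":"aa11"}}
{"ts":"2022-07-20T11:30:00Z","ip":"198.51.100.4","user":"editor1","method":"POST","url":"/wp-admin/admin.php?page=pmxi-admin-settings&action=upload&_wpnonce=bb22","form":{"async-upload":"products.zip"}}
{"ts":"2022-07-20T12:00:00Z","ip":"192.0.2.9","user":"admin","method":"GET","url":"/wp-admin/admin.php?page=pmxi-admin-settings","form":{}}
"""

WINDOW = timedelta(minutes=15)  # assumed correlation window between settings change and upload


def classify(rec):
    """Map one request record to an event kind, or None if it is not of interest."""
    url = urlparse(rec["url"])
    if rec["method"] != "POST" or not url.path.endswith("/wp-admin/admin.php"):
        return None
    query = parse_qs(url.query)
    if query.get("page") != ["pmxi-admin-settings"]:
        return None
    form = rec.get("form", {})
    # The upload IOC from the notes above: action=upload plus a multipart async-upload field.
    if query.get("action") == ["upload"] and "async-upload" in form:
        return "UPLOAD"
    # Settings POSTs toggling Secure Mode; the field name `secure` follows the secure=0 note above.
    if form.get("secure") == "0":
        return "SECURE_DISABLE"
    if form.get("secure") == "1":
        return "SECURE_ENABLE"
    return None


def parse_log(text):
    """Parse JSON lines into event dicts with a datetime `ts` and an event `kind`."""
    events = []
    for line in text.strip().splitlines():
        rec = json.loads(line)
        kind = classify(rec)
        if kind is None:
            continue
        rec["ts"] = datetime.strptime(rec["ts"], "%Y-%m-%dT%H:%M:%SZ")
        rec["kind"] = kind
        events.append(rec)
    return events


def detect(text, window=WINDOW):
    """Return one finding per upload, graded by how much of the disable/upload/re-enable cycle is present."""
    events = parse_log(text)
    findings = []
    for ev in events:
        if ev["kind"] != "UPLOAD":
            continue
        # Correlate on the same authenticated user and source address.
        same_actor = [e for e in events if e["ip"] == ev["ip"] and e["user"] == ev["user"]]
        disabled_before = any(
            e["kind"] == "SECURE_DISABLE" and ev["ts"] - window <= e["ts"] < ev["ts"] for e in same_actor
        )
        enabled_after = any(
            e["kind"] == "SECURE_ENABLE" and ev["ts"] < e["ts"] <= ev["ts"] + window for e in same_actor
        )
        if disabled_before and enabled_after:
            severity = "high"
            reason = "Secure Mode disabled, upload, then re-enabled: full exploit sequence, re-enable suggests track covering"
        elif disabled_before:
            severity = "high"
            reason = "Secure Mode disabled shortly before the upload"
        else:
            # Either Secure Mode was already off (no secure=0 POST to see) or this is a legitimate admin import.
            severity = "medium"
            reason = "upload without a preceding secure=0 POST; verify the uploaded archive and current Secure Mode state"
        findings.append({
            "ts": ev["ts"].isoformat(),
            "user": ev["user"],
            "ip": ev["ip"],
            "file": ev["form"]["async-upload"],
            "severity": severity,
            "reason": reason,
        })
    return findings


if __name__ == "__main__":
    for f in detect(SAMPLE_LOG):
        print(f"[{f['severity']}] {f['ts']} {f['user']}@{f['ip']} uploaded {f['file']}: {f['reason']}")
```

Run against the constructed log, the first upload (preceded by secure=0 and followed by secure=1 from the same admin session) is reported as high, while the second upload with no settings change is reported as medium rather than dropped, which is the behaviour the second and third notes above call for. On a real deployment the `secure` field name, the log shape and the window should be confirmed against the site's own WP All Import version and proxy configuration.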
CVSS provenance
- NVD (v3.1): 7.2 HIGH, CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
GHSA
GHSA-ggqc-76h3-jpv2 (ghsa_unreviewed, 2022-07-19): CVE-2022-1565 [HIGH] CWE-434
The plugin WP All Import is vulnerable to arbitrary file uploads due to missing file type validation via the wp_all_import_get_gz.php file in versions up to, and including, 3.6.7. This makes it possible for authenticated attackers with administrator-level permissions and above to upload arbitrary files to the affected site's server, which may make remote code execution possible.
No detection rules found.
No writeups or analysis indexed.
References
- https://plugins.trac.wordpress.org/changeset/2749264/wp-all-import/trunk?contextall=1&old=2737093&old_path=%2Fwp-all-import%2Ftrunk
- https://www.wordfence.com/threat-intel/vulnerabilities/id/5d281333-d9af-4eb7-bc5c-ea7ceeddac03?source=cve
- https://www.wordfence.com/vulnerability-advisories/#CVE-2022-1565