CVE-2022-3930

Published: Dec 12, 2022Modified: Apr 22, 2025

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

The Directorist WordPress plugin before 7.4.2.2 suffers from an IDOR vulnerability which an attacker can exploit to change the password of arbitrary users instead of his own.

Affected (1)

Products: Wpwax: Directorist

Wpwax

1 product

Directorist

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Wpwax Directorist	Before 7.4.2.2

References (2)

https://wpscan.com/vulnerability/8728d02a-51db-4447-a843-0264b6ceb413

Source: contact@wpscan.com

ExploitThird Party Advisory

https://wpscan.com/vulnerability/8728d02a-51db-4447-a843-0264b6ceb413

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.