WordPress Infinite Scroll – Ajax Load More <= 5.5.3 - Directory Traversal
CVE-2022-2945

4.9MEDIUM

Key Information:

Vendor: Wordpress
Status: WordPress Infinite Scroll – Ajax Load More
Vendor: CVE Published:; 6 September 2022

Summary

The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 5.5.3 via the 'type' parameter found in the alm_get_layout() function. This makes it possible for authenticated attackers, with administrative permissions, to read the contents of arbitrary files on the server, which can contain sensitive information.

Affected Version(s)

WordPress Infinite Scroll – Ajax Load More * <= 5.5.3

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...

https://plugins.svn.wordpress.org/ajax-load-more/tags/5.5...

https://gist.github.com/Xib3rR4dAr/f9a4b4838154854ec6cde7...

CVSS V3.1

Score:

4.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 6, 2022
Vulnerability Reserved
Aug 22, 2022

Credit

Muhammad Zeeshan