Vulnerabilites related to coolplugins - cryptocurrency_widgets_for_elementor
Vulnerability from fkie_nvd
Published
2024-11-30 21:15
Modified
2025-03-19 21:01
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Cool Plugins Cryptocurrency Widgets For Elementor allows PHP Local File Inclusion.This issue affects Cryptocurrency Widgets For Elementor: from n/a through 1.6.4.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| coolplugins | cryptocurrency_widgets_for_elementor | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:coolplugins:cryptocurrency_widgets_for_elementor:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "E3EE8D17-4AA0-4F8B-B3B1-7611680E5F05",
"versionEndExcluding": "1.6.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Control of Filename for Include/Require Statement in PHP Program (\u0027PHP Remote File Inclusion\u0027) vulnerability in Cool Plugins Cryptocurrency Widgets For Elementor allows PHP Local File Inclusion.This issue affects Cryptocurrency Widgets For Elementor: from n/a through 1.6.4."
},
{
"lang": "es",
"value": "La vulnerabilidad de control inadecuado del nombre de archivo para la declaraci\u00f3n Include/Require en el programa PHP (\u0027Inclusi\u00f3n de archivo remoto PHP\u0027) en Cool Plugins Cryptocurrency Widgets For Elementor permite la inclusi\u00f3n de archivos locales PHP. Este problema afecta a Cryptocurrency Widgets For Elementor: desde n/a hasta 1.6.4."
}
],
"id": "CVE-2024-53739",
"lastModified": "2025-03-19T21:01:50.547",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "audit@patchstack.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-11-30T21:15:15.653",
"references": [
{
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
],
"url": "https://patchstack.com/database/wordpress/plugin/cryptocurrency-widgets-for-elementor/vulnerability/wordpress-cryptocurrency-widgets-for-elementor-plugin-1-6-4-local-file-inclusion-vulnerability?_s_id=cve"
}
],
"sourceIdentifier": "audit@patchstack.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-98"
}
],
"source": "audit@patchstack.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-706"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-07 02:15
Modified
2024-11-21 07:36
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Several WordPress plugins developed by Cool Plugins are vulnerable to arbitrary plugin installation and activation that can lead to remote code execution by authenticated attackers with minimal permissions, such as a subscriber.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:coolplugins:cool_timeline:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "B0EB744A-1F45-4381-B2D1-40B5F18A451D",
"versionEndExcluding": "2.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:coolplugins:cryptocurrency_widgets:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "7C167C14-32C8-4492-AA99-470F9EB66F31",
"versionEndExcluding": "2.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:coolplugins:cryptocurrency_widgets_for_elementor:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "356F16F6-7CCA-45E4-8D3D-28647EC0E9C0",
"versionEndExcluding": "1.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:coolplugins:event_single_page_builder_for_the_event_calendar:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "F7CAAE89-9BB2-4F08-BC69-0E8AF4B2738F",
"versionEndExcluding": "1.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:coolplugins:events-notification-bar-addon:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "61640038-2699-41C1-A86B-6B7377F628E3",
"versionEndExcluding": "1.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:coolplugins:events_search_for_the_events_calendar:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "C152C683-8E12-44C4-95BD-DF27C96E6F68",
"versionEndExcluding": "1.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:coolplugins:events_shortcodes_for_the_events_calendar:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "5F1F3A5B-7EEC-4460-B969-8B23B8FED3BD",
"versionEndExcluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:coolplugins:events_widgets_for_elementor_and_the_events_calendar:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "B69CF29B-2A58-4C5E-AD28-E485C7055924",
"versionEndExcluding": "1.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:coolplugins:the_events_calendar_countdown_addon:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "1CD54721-0C86-4B22-B69E-EC25E04DB335",
"versionEndExcluding": "1.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cryptocurrency_payment_\\\u0026_donation_box_plugins:cryptocurrency_payment_\\\u0026_donation_box:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "21665B07-BBDF-4425-B8BC-DD88452DBA78",
"versionEndExcluding": "1.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Several WordPress plugins developed by Cool Plugins are vulnerable to arbitrary plugin installation and activation that can lead to remote code execution by authenticated attackers with minimal permissions, such as a subscriber."
}
],
"id": "CVE-2022-4950",
"lastModified": "2024-11-21T07:36:18.810",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "security@wordfence.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-07T02:15:15.813",
"references": [
{
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.nintechnet.com/8-wordpress-plugins-fixed-high-severity-vulnerability/"
},
{
"source": "security@wordfence.com",
"tags": [
"Patch"
],
"url": "https://plugins.trac.wordpress.org/changeset/2705076/cool-timeline/trunk/admin/timeline-addon-page/timeline-addon-page.php"
},
{
"source": "security@wordfence.com",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f6f0fb78-ad6b-4a9e-ae1a-5793f3426379?source=cve"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.nintechnet.com/8-wordpress-plugins-fixed-high-severity-vulnerability/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://plugins.trac.wordpress.org/changeset/2705076/cool-timeline/trunk/admin/timeline-addon-page/timeline-addon-page.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f6f0fb78-ad6b-4a9e-ae1a-5793f3426379?source=cve"
}
],
"sourceIdentifier": "security@wordfence.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2024-53739 (GCVE-0-2024-53739)
Vulnerability from cvelistv5
Published
2024-11-30 20:55
Modified
2024-12-02 15:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-98 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
Summary
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Cool Plugins Cryptocurrency Widgets For Elementor allows PHP Local File Inclusion.This issue affects Cryptocurrency Widgets For Elementor: from n/a through 1.6.4.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cool Plugins | Cryptocurrency Widgets For Elementor |
Version: n/a < |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:coolplugins:cryptocurrency_widgets_for_elementor:-:*:*:*:*:wordpress:*:*"
],
"defaultStatus": "unknown",
"product": "cryptocurrency_widgets_for_elementor",
"vendor": "coolplugins",
"versions": [
{
"lessThanOrEqual": "1.6.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-53739",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-02T15:51:16.172020Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-02T15:52:43.355Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "cryptocurrency-widgets-for-elementor",
"product": "Cryptocurrency Widgets For Elementor",
"vendor": "Cool Plugins",
"versions": [
{
"changes": [
{
"at": "1.6.5",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.6.4",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Zaidan Rizaki (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Control of Filename for Include/Require Statement in PHP Program (\u0027PHP Remote File Inclusion\u0027) vulnerability in Cool Plugins Cryptocurrency Widgets For Elementor allows PHP Local File Inclusion.\u003cp\u003eThis issue affects Cryptocurrency Widgets For Elementor: from n/a through 1.6.4.\u003c/p\u003e"
}
],
"value": "Improper Control of Filename for Include/Require Statement in PHP Program (\u0027PHP Remote File Inclusion\u0027) vulnerability in Cool Plugins Cryptocurrency Widgets For Elementor allows PHP Local File Inclusion.This issue affects Cryptocurrency Widgets For Elementor: from n/a through 1.6.4."
}
],
"impacts": [
{
"capecId": "CAPEC-252",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-252 PHP Local File Inclusion"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-98",
"description": "CWE-98 Improper Control of Filename for Include/Require Statement in PHP Program (\u0027PHP Remote File Inclusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-30T20:55:57.306Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/cryptocurrency-widgets-for-elementor/vulnerability/wordpress-cryptocurrency-widgets-for-elementor-plugin-1-6-4-local-file-inclusion-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update the WordPress Cryptocurrency Widgets For Elementor plugin to the latest available version (at least 1.6.5)."
}
],
"value": "Update the WordPress Cryptocurrency Widgets For Elementor plugin to the latest available version (at least 1.6.5)."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Cryptocurrency Widgets For Elementor plugin \u003c= 1.6.4 - Local File Inclusion vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-53739",
"datePublished": "2024-11-30T20:55:57.306Z",
"dateReserved": "2024-11-22T13:51:57.971Z",
"dateUpdated": "2024-12-02T15:52:43.355Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-4950 (GCVE-0-2022-4950)
Vulnerability from cvelistv5
Published
2023-06-07 01:51
Modified
2024-12-23 16:20
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Several WordPress plugins developed by Cool Plugins are vulnerable to arbitrary plugin installation and activation that can lead to remote code execution by authenticated attackers with minimal permissions, such as a subscriber.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | narinder-singh | The Events Calendar Countdown Addon |
Version: * ≤ 1.3.1 |
||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.079Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f6f0fb78-ad6b-4a9e-ae1a-5793f3426379?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/2705076/cool-timeline/trunk/admin/timeline-addon-page/timeline-addon-page.php"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.nintechnet.com/8-wordpress-plugins-fixed-high-severity-vulnerability/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-4950",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-23T16:00:39.467646Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-23T16:20:36.227Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "The Events Calendar Countdown Addon",
"vendor": "narinder-singh",
"versions": [
{
"lessThanOrEqual": "1.3.1",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "The Events Calendar Events Notification Bar Addon",
"vendor": "narinder-singh",
"versions": [
{
"lessThanOrEqual": "1.1",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cool Timeline (Horizontal \u0026 Vertical Timeline)",
"vendor": "narinder-singh",
"versions": [
{
"lessThanOrEqual": "2.3.3",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cryptocurrency Payment \u0026 Donation Box \u2013 Accept Payments in any Cryptocurrency on your WP Site for Free",
"vendor": "blackworks1",
"versions": [
{
"lessThanOrEqual": "1.7",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Events Search For The Events Calendar",
"vendor": "narinder-singh",
"versions": [
{
"lessThanOrEqual": "1.1.3",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cryptocurrency Widgets For Elementor",
"vendor": "coolplugins",
"versions": [
{
"lessThan": "1.3",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Event Single Page Builder For The Event Calendar",
"vendor": "narinder-singh",
"versions": [
{
"lessThanOrEqual": "1.5",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Events Shortcodes For The Events Calendar",
"vendor": "narinder-singh",
"versions": [
{
"lessThanOrEqual": "1.9.4",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cryptocurrency Widgets \u2013 Price Ticker \u0026 Coins List",
"vendor": "narinder-singh",
"versions": [
{
"lessThanOrEqual": "2.4",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Events Widgets For Elementor And The Events Calendar",
"vendor": "coolplugins",
"versions": [
{
"lessThanOrEqual": "1.4.2",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jerome Bruandet"
}
],
"descriptions": [
{
"lang": "en",
"value": "Several WordPress plugins developed by Cool Plugins are vulnerable to arbitrary plugin installation and activation that can lead to remote code execution by authenticated attackers with minimal permissions, such as a subscriber."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-862 Missing Authorization",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-07T01:51:53.458Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f6f0fb78-ad6b-4a9e-ae1a-5793f3426379?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2705076/cool-timeline/trunk/admin/timeline-addon-page/timeline-addon-page.php"
},
{
"url": "https://blog.nintechnet.com/8-wordpress-plugins-fixed-high-severity-vulnerability/"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-04-04T00:00:00.000+00:00",
"value": "Disclosed"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2022-4950",
"datePublished": "2023-06-07T01:51:53.458Z",
"dateReserved": "2023-06-06T13:39:44.796Z",
"dateUpdated": "2024-12-23T16:20:36.227Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}