First published: Thu Jul 21 2022(Updated: )
Authenticated (custom plugin role) Arbitrary File Read via Export function vulnerability in GiveWP's GiveWP plugin <= 2.20.2 at WordPress.
Credit: audit@patchstack.com audit@patchstack.com
Affected Software | Affected Version | How to fix |
---|---|---|
Givewp Givewp | <2.21.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2022-31475.
The title of this vulnerability is Authenticated (custom plugin role) Arbitrary File Read via Export function vulnerability in GiveWP's GiveWP plugin <= 2.20.2 at WordPress.
The affected software is GiveWP's GiveWP plugin <= 2.20.2 at WordPress.
The severity of this vulnerability is medium.
To fix this vulnerability, update GiveWP plugin to version 2.21.0 or later.