VDB-280595 · CVE-2022-4974 · GCVE-0-2022-4974

Freemius SDK 까지 2.0.1 켜짐 WordPress _get_debug_log/_get_db_option/_set_db_option 교차 사이트 요청 위조

CVSS 메타 임시 점수	현재 익스플로잇 가격 (≈)	CTI 관심 점수
5.2	$0-$5k	0.00

요약정보

취약점이 문제가 있는로 분류되어 Freemius SDK 까지 2.0.1 on WordPress에서 발견되었습니다. 영향을 받은 것은 _get_debug_log/_get_db_option/_set_db_option 함수이며. 이 조작 교차 사이트 요청 위조을(를) 발생시킵니다. 해당 취약점은 CVE-2022-4974로 식별됩니다. 공격을 원격으로 시작할 수 있습니다. 사용 가능한 익스플로잇이 없습니다. 영향을 받는 구성 요소를 업그레이드하는 것이 권장됩니다.

세부정보

취약점이 문제가 있는로 분류되어 Freemius SDK 까지 2.0.1 on WordPress에서 발견되었습니다. 영향을 받은 것은 _get_debug_log/_get_db_option/_set_db_option 함수이며. 이 조작 교차 사이트 요청 위조을(를) 발생시킵니다. CWE를 사용하여 문제를 선언하면 CWE-352로 연결됩니다. 이 취약점은 공개되었습니다. wordfence.com에서 권고 정보가 다운로드할 수 있도록 제공되었습니다.

해당 취약점은 CVE-2022-4974로 식별됩니다. CVE 할당은 2024. 10. 15. 에 이루어졌습니다. 공격을 원격으로 시작할 수 있습니다. 기술 세부 정보가 제공됩니다. 이 취약점의 인기도는 평균 이하입니다. 사용 가능한 익스플로잇이 없습니다. 현재 시점에서 익스플로잇의 가격은 대략 USD $0-$5k 일 수 있습니다.

정의되지 않음로 선언됩니다.

2.0.2(으)로의 업그레이드가 이 문제를 해결할 수 있습니다. 영향을 받는 구성 요소를 업그레이드하는 것이 권장됩니다.

영향 있음

YASR – Yet Another Star Rating Plugin for WordPress
Events Addon for Elementor
Fraud Prevention For WooCommerce and EDD
Gutenberg Blocks – ACF Blocks Suite
Ultimeter
Past Events Extension
Pootle Pagebuilder – WordPress Page builder
Local Delivery Drivers for WooCommerce
Ultimate Gutenberg – Custom Block Templates
WP Required Taxonomies – Categories and Tags Mandatory
Featured Products First for WooCommerce – A Extension of WooCommerce (WooCommerce Addon Plugin)
SSL Certificate – Free SSL, HTTPS by SSL Zen
Streak CRM For Gmail For Contact Form 7 – WordPress Plugin
WordPress Dev Powers – ACF Color Coded Field Types Plugin
DancePress (TRWA)
Product Size Charts Plugin for WooCommerce
Wp My Admin Bar
A no-code page builder for beautiful performance-based content
LocalSEOMap
Easy Prayer
AdFoxly – Ad Manager, AdSense Ads & Ads.txt
WP Get Personal
Checkout with Cash App on EDD
Server Info
Custom WooCommerce Checkout Fields Editor
KRSP Frontend File Uploader
Panorama Viewer- Best Plugin to Display Panoramic Images/Videos
Bulk Attachment Download
AutoSave Net
Premmerce Wholesale Pricing for WooCommerce
Any Popup – Popup Forms, Optins & Ads
Checkout with Venmo on EDD
Payment gateway per Product for WooCommerce
HQTheme Extra
Vit Website Reviews
WooCommerce EU VAT Assistant
WordPress Slider Block Gutenslider
HuCommerce | Magyar WooCommerce kiegészítések
KVoucher
Video Player for YouTube
Error Log Monitor
SlideDeck: Responsive WordPress Slider Plugin
Premmerce Multi-currency for Woocommerce
Booking Addon for WooCommerce
WP Event Partners – WordPress Plugin for Event and Conference Management
WC Shop Sync – Square Payment Gateway for WooCommerce, Inventory Sync Between Square and WooCommerce, Ultimate WooCommerce Square Plugin
Add Expires Headers & Optimized Minify
ForceField
FIT: Featured Image Toolkit
All in One Invite Codes
Dynamic Pricing and Discount Rules for WooCommerce
Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss
Grid & Styler For Contact Form 7 And Divi
Protect Uploads with Login – Protect Your Uploads
Atlas – Knowledge Base
Simple Sitemap – Create a Responsive HTML Sitemap
Super Video Player- Best WordPress Video Display Plugin for mp4/OGG
WordPress Books Gallery
FiboSearch – Ajax Search for WooCommerce
Tag Groups is the Advanced Way to Display Your Taxonomy Terms
WP Free SSL – Free SSL Certificate for WordPress and force HTTPS
ClickerVolt – Affiliate Links & Click Tracking for Performance Marketers
ConsultPress Lite
Divi Forms Styler – Gravity Forms, Fluent Forms & Contact Form 7
StreamWeasels Twitch Integration
Mobile View for Responsive web design optimization (UX design) + Mobile Friendly Test
Zip Code Redirect
Guestofy – Restaurant Reservations Plugin, Room Planer, Reservation Form
CF7 Constant Contact Fields Mapping
Booking Calendar | Appointment Booking | Bookit
EthereumICO
RT Easy Builder – Advanced addons for Elementor
WP Contact Slider
Country Based Payments for WooCommerce
Filr – Secure document library
Elasta
MapGeo – Interactive Geo Maps
WordPress Animation Plugin – Animated Everything
WP Notification Bell
Activity Log For MainWP
Connected Sermons
Bulk Edit and Create User Profiles – WP Sheet Editor
Кнопка ЮMoney
Bulk WooCommerce Category Creator
Easy Math Captcha for CF7
Master Accordion ( Former WP Awesome FAQ Plugin )
Better Elementor Addons
Elementor Addons by Livemesh
Place Order Without Payment for WooCommerce
STEWoo – Super Transactional Emails for WooCommerce
DeMomentSomTres Address
Out of stock display for woocommerce
Ultimate Blocks – WordPress Blocks Plugin
Bulk Auto Image Title Attribute (Image Title tag) optimizer (Image SEO)
WP Radio – Worldwide Online Radio Stations Directory for WordPress
BookPress – For Book Authors
Qyrr – simply and modern QR-Code creation
WordPress Directory Plugin For Business Listings – WP Local Plus
Equalize Digital Accessibility Checker – Audit Your Website for WCAG, ADA, and Section 508 Accessibility Errors
Funnelmentals
Blockspare: Gutenberg Blocks & Patterns for Blogs, Magazines, Business Sites – Post Grids, Sliders, Carousels, Counters, Page Builder & Starter Site Imports, No Coding Needed
Forms to Zapier, Integromat, IFTTT, Workato, Automate.io, elastic.io, Built.io, APIANT, Webhook
Product Carousel For WooCommerce – WoorouSell
WordPress Robots.txt optimizer (+ XML Sitemap) – Boost SEO, Traffic & Rankings
GFireM Fields
Coupon Affiliates – Affiliate Plugin for WooCommerce
WP Post Block
LMS Plugin – eLearning, Online Courses by Attest
Frontend Admin by DynamiApps
Simple Giveaways – Grow your business, email lists and traffic with contests
WPTools Masonry Gallery & Posts For Divi
GFireM Action After
Woo Ukrposhta
annasta Woocommerce Product Filters
WP Lead Stream
The Events Calendar
Focus on Reviews for WooCommerce
Email Tracker – Email Tracking Plugin to track Emails for Open and Email Links Click (Compatible with WooCommerce)
Block Styler For Gravity Forms
WP Page Templates
Product Customer List for WooCommerce
WP Moose
Team Members – A WordPress Team Plugin with Gallery, Grid, Carousel, Slider, Table, List, and More
Floating Social Share Icons and Social Share buttons – Next Previous Post Links – FL
South Pole: Climate action now
LittleBot Invoices
Genealogical Tree – WordPress Family Tree
Automatic YouTube Gallery
Thank You Page for WooCommerce
Marijuana Age Verify
WooCommerce upcoming Products
Frontend Admin – Add and edit posts, pages, users and more all from the frontend
SV Tracking Manager
WP EasyPay – Square for WordPress
WordPress SEO Checklist
wGauge – Free Version
Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider)
Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC)
WP Tools Divi Product Carousel
Guest posting / Frontend Posting wordpress plugin – WP Front User Submit / Front Editor
Social Gallery Lite
Stackable – Page Builder Gutenberg Blocks
Five-Star Ratings Shortcode
CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress
Premmerce Wishlist for WooCommerce
Salon Booking System
Surbma | GDPR Proof Cookie Consent & Notice Bar
Advance Menu Manager
Live TV Player – Worldwide Live TV Channels Player for WordPress
Market Exporter
WP Adminify – Custom WordPress Dashboard, Login and Admin Customizer
TK Google Fonts GDPR Compliant
Starfish Review Generation & Marketing for WordPress
WP Emaily
Education Addon for Elementor
SV Proven Expert
SurveyFunnel – Survey Plugin for WordPress
Advanced Classifieds & Directory Pro
Music Player for Elementor – Audio Player & Podcast Player
Cryptocurrency Product for WooCommerce
WooCommerce Next Order Coupon
Overlay Image Divi Module
Email Header Footer
Document Viewer- Plugin to Display MS Office Docs
Price Bands for WooCommerce
Elementor Addon Elements
Smart Variations Images & Swatches for WooCommerce
Featured Images in RSS for Mailchimp & More
Simple Sponsorships
Unlimited Elements For Elementor (Free Widgets, Addons, Templates)
Joli Table Of Contents
Sparrow: Product Reviews and Ratings for WooCommerce
Multi Page Auto Advance for Gravity Forms
Generate Images – Magic Post Thumbnail
Live Scores for SportsPress
Hide Shipping Method For WooCommerce
Ultimate Carousel For Divi
WP Meta and Date Remover
Image Carousel For Divi
Comments Not Replied To
Contact Form 7 – Capsule CRM – Integration
Opensea
WordPress Translation plugin for Post, Pages & WooCommerce products. Tranzly IO AI DeepL automatic WordPress Translator.
Pixel Manager for WooCommerce – Track Google Analytics, Google Ads, TikTok and more
Modern Addons for Elementor Page Builder
Viralike
WordPress Dev Powers – Element Selector jQuery Powers Plugin
WP Munich Blocks – Gutenberg Blocks for WordPress
Availability datepicker – Integrate with Contact Form 7 and Divi
Footer Plugin for Divi
Accept Stripe Donation and Payments – AidWP
New User Approve
GFireM Advance Search
WPMailer – The best mail builder, No More Core for your emails support Elementor, CF7 forms etc…
Shared Files – Frontend File Upload Form & Secure File Sharing
WPBITS Addons For Elementor Page Builder
Speculor
WP Google Street View (with 360° virtual tour) & Google maps + Local SEO
WordPress Everse Starter Sites – Elementor Templates
Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations
Choice Payment Gateway for WooCommerce
Domain Mapping System | Create Microsites with Multiple Alias Domains (multisite optional)
Order and Inventory Manager for WooCommerce
Ninja Libs Amazon SES
Delete All Comments of wordpress
WP-Cron Status Checker
CodeKit – Custom Codes Editor
FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel
Change Price Title for WooCommerce
WordPress Gallery Plugin – Edge Photo Gallery
Glorious Services & Support
Easy Newsletter Signups
Announcement & Notification Banner – Bulletin
Advanced Database Replacer
Multisite Robots.txt Manager
Simple Social Page Widget & Shortcode
WooCommerce Country Catalogs – Product Country Restrictions
Front End PM
Ultimate Divi Modules Suite – Divi Sumo Lite
XT Points & Rewards for WooCommerce
Widgets for WooCommerce Products on Elementor
Delivery for WooCommerce
WP SMS Plugin – WordPress SMS Two Factor Authentication – 2FA, Two Factor, OTP SMS and Email
Security Ninja – Secure Firewall & Secure Malware Scanner
TinyMCE Annotate
Justified Gallery
Book BuyBack Prices
Fuse Social Floating Sidebar
WP-HR Manager: The Human Resources Plugin for WordPress
Emails Blacklist for Everest Forms
All-in-One Video Gallery
Woo Admin Product Notes
Remove Add to Cart WooCommerce
Checkout with Zelle on Woocommerce
WP Tools Gravity Forms Divi Module
Everse
Run time Image resizing
Rest Routes – Custom Endpoints

제품정보

유형

WordPress Plugin

이름

Freemius SDK

버전

CPE 2.3정보

CPE 2.2정보

CVSSv4정보

VulDB 벡터: 🔍
VulDB 신뢰성: 🔍

CVSSv3정보

VulDB 메타 베이스 점수: 5.3
VulDB 메타 임시 점수: 5.2

VulDB 기본 점수: 4.3
VulDB 임시 점수: 4.1
VulDB 벡터: 🔍
VulDB 신뢰성: 🔍

CNA 기본 점수: 6.3
CNA 벡터 (Wordfence): 🔍

CVSSv2정보

AV	AC	Au	C	I	A
💳	💳	💳	💳	💳	💳
💳	💳	💳	💳	💳	💳
💳	💳	💳	💳	💳	💳

벡터	복잡성	인증	기밀성	진실성	유효성
잠금 해제하다	잠금 해제하다	잠금 해제하다	잠금 해제하다	잠금 해제하다	잠금 해제하다
잠금 해제하다	잠금 해제하다	잠금 해제하다	잠금 해제하다	잠금 해제하다	잠금 해제하다
잠금 해제하다	잠금 해제하다	잠금 해제하다	잠금 해제하다	잠금 해제하다	잠금 해제하다

VulDB 기본 점수: 🔍
VulDB 임시 점수: 🔍
VulDB 신뢰성: 🔍

악용정보

수업: 교차 사이트 요청 위조
CWE: CWE-352 / CWE-862 / CWE-863
CAPEC: 🔍
ATT&CK: 🔍

물리적인: 아니요
현지: 아니요
원격: 네

유효성: 🔍
상태: 정의되지 않음

EPSS Score: 🔍
EPSS Percentile: 🔍

가격 예측: 🔍
현재 가격 추정: 🔍

0-Day	잠금 해제하다	잠금 해제하다	잠금 해제하다	잠금 해제하다
오늘	잠금 해제하다	잠금 해제하다	잠금 해제하다	잠금 해제하다

위협 인텔리전스정보

관심: 🔍
활성 배우: 🔍
활성 APT 그룹: 🔍

대책정보

추천: 업그레이드
상태: 🔍

0일 시간: 🔍

업그레이드: Freemius SDK 2.0.2

타임라인정보

2024. 10. 15. 🔍
2024. 10. 16. +1 날 🔍
2024. 10. 16. +0 날 🔍
2025. 03. 05. +140 날 🔍

출처정보

권고: wordfence.com
상태: 확인됨

CVE: CVE-2022-4974 (🔍)
GCVE (CVE): GCVE-0-2022-4974
GCVE (VulDB): GCVE-100-280595

항목정보

만들어진: 2024. 10. 16. AM 10:22
업데이트됨: 2025. 03. 05. AM 09:02
변경 사항: 2024. 10. 16. AM 10:22 (66), 2025. 03. 05. AM 09:02 (3)
완벽한: 🔍
Cache ID: 216::103

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

논의

아직 댓글이 없습니다. 언어: ko + en.

댓글을 작성하려면 로그인하세요.

◂ 이전 개요 다음 ▸

Do you need the next level of professionalism?

Upgrade your account now!