Download Monitor Plugin up to 4.5.90 on WordPress Blog Folder wp-config.php file access

Summaryinfo

A vulnerability has been found in Download Monitor Plugin up to 4.5.90 on WordPress and classified as problematic. Impacted is an unknown function of the file wp-config.php of the component Blog Folder Handler. The manipulation leads to file access. This vulnerability is documented as CVE-2022-2222. The attack needs to be performed locally. There is not any exploit available. The affected component should be upgraded.

Detailsinfo

A vulnerability was found in Download Monitor Plugin up to 4.5.90 on WordPress (WordPress Plugin). It has been rated as problematic. This issue affects an unknown part of the file wp-config.php of the component Blog Folder Handler. The manipulation with an unknown input leads to a file access vulnerability. Using CWE to declare the problem leads to CWE-552. The product makes files or directories accessible to unauthorized actors, even though they should not be. Impacted is confidentiality. The summary by CVE is:

The Download Monitor WordPress plugin before 4.5.91 does not ensure that files to be downloaded are inside the blog folders, and not sensitive, allowing high privilege users such as admin to download the wp-config.php or /etc/passwd even in an hardened environment or multisite setup.

The weakness was released 07/17/2022. It is possible to read the advisory at wpscan.com. The identification of this vulnerability is CVE-2022-2222 since 06/27/2022. Technical details of the vulnerability are known, but there is no available exploit. The attack technique deployed by this issue is T1083 according to MITRE ATT&CK.

By approaching the search of inurl:wp-config.php it is possible to find vulnerable targets with Google Hacking.

Upgrading to version 4.5.91 eliminates this vulnerability.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Productinfo

Type

• WordPress Plugin

Name

• Download Monitor Plugin

Version

• 4.5.0
• 4.5.1
• 4.5.2
• 4.5.3
• 4.5.4
• 4.5.5
• 4.5.6
• 4.5.7
• 4.5.8
• 4.5.9
• 4.5.10
• 4.5.11
• 4.5.12
• 4.5.13
• 4.5.14
• 4.5.15
• 4.5.16
• 4.5.17
• 4.5.18
• 4.5.19
• 4.5.20
• 4.5.21
• 4.5.22
• 4.5.23
• 4.5.24
• 4.5.25
• 4.5.26
• 4.5.27
• 4.5.28
• 4.5.29
• 4.5.30
• 4.5.31
• 4.5.32
• 4.5.33
• 4.5.34
• 4.5.35
• 4.5.36
• 4.5.37
• 4.5.38
• 4.5.39
• 4.5.40
• 4.5.41
• 4.5.42
• 4.5.43
• 4.5.44
• 4.5.45
• 4.5.46
• 4.5.47
• 4.5.48
• 4.5.49
• 4.5.50
• 4.5.51
• 4.5.52
• 4.5.53
• 4.5.54
• 4.5.55
• 4.5.56
• 4.5.57
• 4.5.58
• 4.5.59
• 4.5.60
• 4.5.61
• 4.5.62
• 4.5.63
• 4.5.64
• 4.5.65
• 4.5.66
• 4.5.67
• 4.5.68
• 4.5.69
• 4.5.70
• 4.5.71
• 4.5.72
• 4.5.73
• 4.5.74
• 4.5.75
• 4.5.76
• 4.5.77
• 4.5.78
• 4.5.79
• 4.5.80
• 4.5.81
• 4.5.82
• 4.5.83
• 4.5.84
• 4.5.85
• 4.5.86
• 4.5.87
• 4.5.88
• 4.5.89
• 4.5.90

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Discussion