id: CVE-2022-1392 info: name: WordPress Videos sync PDF <=1.7.4 - Local File Inclusion author: Veshraj severity: high description: WordPress Videos sync PDF 1.7.4 and prior does not validate the p parameter before using it in an include statement, which could lead to local file inclusion. impact: | Successful exploitation of this vulnerability could allow an attacker to read arbitrary files on the server, potentially leading to further compromise of the system. remediation: | Upgrade to the latest version of WordPress Videos sync PDF plugin (>=1.7.5) or apply the vendor-provided patch to mitigate the vulnerability. reference: - https://wpscan.com/vulnerability/fe3da8c1-ae21-4b70-b3f5-a7d014aa3815 - https://packetstormsecurity.com/files/166534/ - https://nvd.nist.gov/vuln/detail/CVE-2022-1392 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-1392 cwe-id: CWE-22 epss-score: 0.01867 epss-percentile: 0.87073 cpe: cpe:2.3:a:commoninja:videos_sync_pdf:*:*:*:*:*:wordpress:*:* metadata: verified: true max-request: 1 vendor: commoninja product: videos_sync_pdf framework: wordpress tags: lfi,wp-plugin,unauth,wpscan,cve,cve2022,packetstorm,wp,wordpress,commoninja http: - method: GET path: - "{{BaseURL}}/wp-content/plugins/video-synchro-pdf/reglages/Menu_Plugins/tout.php?p=tout" matchers-condition: and matchers: - type: word part: body words: - "failed to open stream: No such file or directory" - "REPERTOIRE_VIDEOSYNCPDFreglages/Menu_Plugins/tout.php" condition: and - type: status status: - 200 # digest: 4a0a0047304502200a2d94a108091e1849d9cbb9ece85ba220eb1375a85536fa78a155b99f55a285022100cfd5547a2ecd47e1cd0db540692fe886707f775830f06cf407bce3039c2ab09c:922c64590222798bb761d5b6d8e72950