CVE-2022-3180

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Feb 11, 2025

Updated: Feb 18, 2025

CWE ID 523

Summary

CVE-2022-3180 is a privilege escalation vulnerability affecting the WPGateway Plugin for WordPress. In versions up to 3.5, this flaw enables unauthenticated attackers to create malicious administrator accounts, granting them elevated access to the WordPress site. Successful exploitation could lead to unauthorized content management, installation of malware, and other nefarious activities. To mitigate this risk, WordPress users are urged to update the WPGateway Plugin to the latest version as soon as possible. Unpatched installations remain susceptible to this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

CODESYS HMI (SL)

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/mRr6Px
https://www.cve.org/CVERecord?id=CVE-2022-3180
https://nvd.nist.gov/vuln/detail/CVE-2022-3180

Back to Vulnerability Database

CVE-2022-3180

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations