Vulnerabilities > CVE-2022-3961 - Missing Authorization vulnerability in Wpwax Directorist

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
wpwax
CWE-862

Summary

The Directorist WordPress plugin before 7.4.4 does not prevent users with low privileges (like subscribers) from accessing sensitive system information.

Vulnerable Configurations

Part Description Count
Application
Wpwax
131

Common Weakness Enumeration (CWE)