Vulnerabilities > CVE-2022-4417 - Unspecified vulnerability in Cerber WP Cerber Security, Anti-Spam & Malware Scan

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

low complexity

cerber

NVD

Published: 2023-01-02

Updated: 2023-11-07

Summary

The WP Cerber Security, Anti-spam & Malware Scan WordPress plugin before 9.3.3 does not properly block access to the REST API users endpoint when the blog is in a subdirectory, which could allow attackers to bypass the restriction in place and list users

Vulnerable Configurations

Part	Description	Count
Application	Cerber Cerber WP Cerber Security, Anti Spam & Malware Scan - Cerber WP Cerber Security, Anti Spam & Malware Scan 8.4 Cerber WP Cerber Security, Anti Spam & Malware Scan 8.5 Cerber WP Cerber Security, Anti Spam & Malware Scan 8.5.3 Cerber WP Cerber Security, Anti Spam & Malware Scan 8.5.5 Cerber WP Cerber Security, Anti Spam & Malware Scan 8.5.6 Cerber WP Cerber Security, Anti Spam & Malware Scan 8.5.8 Cerber WP Cerber Security, Anti Spam & Malware Scan 8.5.9 Cerber WP Cerber Security, Anti Spam & Malware Scan 8.6 Cerber WP Cerber Security, Anti Spam & Malware Scan 8.6.3 Cerber WP Cerber Security, Anti Spam & Malware Scan 8.6.5 Cerber WP Cerber Security, Anti Spam & Malware Scan 8.6.8 Cerber WP Cerber Security, Anti Spam & Malware Scan 8.7 Cerber WP Cerber Security, Anti Spam & Malware Scan 8.8 Cerber WP Cerber Security, Anti Spam & Malware Scan 8.8.3 Cerber WP Cerber Security, Anti Spam & Malware Scan 8.8.5 Cerber WP Cerber Security, Anti Spam & Malware Scan 8.8.6 Cerber WP Cerber Security, Anti Spam & Malware Scan 8.9 Cerber WP Cerber Security, Anti Spam & Malware Scan 8.9.3 Cerber WP Cerber Security, Anti Spam & Malware Scan 8.9.5 Cerber WP Cerber Security, Anti Spam & Malware Scan 8.9.5.2 Cerber WP Cerber Security, Anti Spam & Malware Scan 8.9.6	22

References

https://wpscan.com/vulnerability/a8c6b077-ff93-4c7b-970f-3be4d7971aa5