CVE-2022-3394 - Vulnerability Details - OpenCVE

The WP All Export Pro WordPress plugin before 1.7.9 does not limit some functionality during exports only to users with the Administrator role, allowing any logged in user which has been given privileges to perform exports to execute arbitrary code on the site. By default only administrators can run exports, but the privilege can be delegated to lower privileged users.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation poc

Automatable no

Technical Impact total

Vendors	Products
Soflyy	Wp All Export

Configuration 1 [-]

cpe:2.3:a:soflyy:wp_all_export:*:*:*:*:pro:wordpress:*:*

No data.

References

Link	Providers
https://wpscan.com/vulnerability/3266eb59-a8b2-4a5a-ab48-01a9af631b2c

History

Wed, 07 May 2025 14:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2022-10-25T00:00:00.000Z

Updated: 2025-05-07T13:54:49.339Z

Reserved: 2022-10-03T00:00:00.000Z

Link: CVE-2022-3394

Vulnrichment

Updated: 2024-08-03T01:07:06.598Z

NVD

Status : Modified

Published: 2022-10-25T17:15:57.413

Modified: 2025-05-07T14:15:32.610

Link: CVE-2022-3394

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-3394", "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "dateUpdated": "2025-05-07T13:54:49.339Z", "dateReserved": "2022-10-03T00:00:00.000Z", "datePublished": "2022-10-25T00:00:00.000Z"}, "containers": {"cna": {"title": "WP All Export Pro < 1.7.9 - Authenticated Code Injection", "providerMetadata": {"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan", "dateUpdated": "2022-10-25T00:00:00.000Z"}, "descriptions": [{"lang": "en", "value": "The WP All Export Pro WordPress plugin before 1.7.9 does not limit some functionality during exports only to users with the Administrator role, allowing any logged in user which has been given privileges to perform exports to execute arbitrary code on the site. By default only administrators can run exports, but the privilege can be delegated to lower privileged users."}], "affected": [{"vendor": "Unknown", "product": "WP All Export Pro", "versions": [{"version": "1.7.9", "status": "affected", "lessThan": "1.7.9", "versionType": "custom"}]}], "references": [{"url": "https://wpscan.com/vulnerability/3266eb59-a8b2-4a5a-ab48-01a9af631b2c"}], "credits": [{"lang": "en", "value": "Sanjay Das"}], "problemTypes": [{"descriptions": [{"type": "CWE", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')", "cweId": "CWE-94", "lang": "en"}]}], "x_generator": "WPScan CVE Generator", "source": {"discovery": "EXTERNAL"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T01:07:06.598Z"}, "title": "CVE Program Container", "references": [{"url": "https://wpscan.com/vulnerability/3266eb59-a8b2-4a5a-ab48-01a9af631b2c", "tags": ["x_transferred"]}]}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-05-07T13:53:47.408417Z", "id": "CVE-2022-3394", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-07T13:54:49.339Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-3394", "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "dateUpdated": "2025-05-07T13:54:49.339Z", "dateReserved": "2022-10-03T00:00:00.000Z", "datePublished": "2022-10-25T00:00:00.000Z"}, "containers": {"cna": {"title": "WP All Export Pro < 1.7.9 - Authenticated Code Injection", "providerMetadata": {"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan", "dateUpdated": "2022-10-25T00:00:00.000Z"}, "descriptions": [{"lang": "en", "value": "The WP All Export Pro WordPress plugin before 1.7.9 does not limit some functionality during exports only to users with the Administrator role, allowing any logged in user which has been given privileges to perform exports to execute arbitrary code on the site. By default only administrators can run exports, but the privilege can be delegated to lower privileged users."}], "affected": [{"vendor": "Unknown", "product": "WP All Export Pro", "versions": [{"version": "1.7.9", "status": "affected", "lessThan": "1.7.9", "versionType": "custom"}]}], "references": [{"url": "https://wpscan.com/vulnerability/3266eb59-a8b2-4a5a-ab48-01a9af631b2c"}], "credits": [{"lang": "en", "value": "Sanjay Das"}], "problemTypes": [{"descriptions": [{"type": "CWE", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')", "cweId": "CWE-94", "lang": "en"}]}], "x_generator": "WPScan CVE Generator", "source": {"discovery": "EXTERNAL"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T01:07:06.598Z"}, "title": "CVE Program Container", "references": [{"url": "https://wpscan.com/vulnerability/3266eb59-a8b2-4a5a-ab48-01a9af631b2c", "tags": ["x_transferred"]}]}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2022-3394", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-05-07T13:53:47.408417Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-07T13:54:44.104Z"}}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:soflyy:wp_all_export:*:*:*:*:pro:wordpress:*:*", "matchCriteriaId": "46C00DBB-0361-400C-9AA6-07CD0D251D8A", "versionEndExcluding": "1.7.9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The WP All Export Pro WordPress plugin before 1.7.9 does not limit some functionality during exports only to users with the Administrator role, allowing any logged in user which has been given privileges to perform exports to execute arbitrary code on the site. By default only administrators can run exports, but the privilege can be delegated to lower privileged users."}, {"lang": "es", "value": "El plugin WP All Export Pro de WordPress versiones anteriores a 1.7.9, no limita algunas funcionalidades durante las exportaciones s\u00f3lo a usuarios con el rol de Administrador, permitiendo a cualquier usuario conectado al que le hayan dado privilegios para llevar a cabo exportaciones ejecutar c\u00f3digo arbitrario en el sitio. Por defecto, s\u00f3lo los administradores pueden ejecutar exportaciones, pero el privilegio puede ser delegado a usuarios con menos privilegios"}], "id": "CVE-2022-3394", "lastModified": "2025-05-07T14:15:32.610", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "[email protected]", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2022-10-25T17:15:57.413", "references": [{"source": "[email protected]", "tags": ["Exploit", "Third Party Advisory"], "url": "https://wpscan.com/vulnerability/3266eb59-a8b2-4a5a-ab48-01a9af631b2c"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://wpscan.com/vulnerability/3266eb59-a8b2-4a5a-ab48-01a9af631b2c"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "[email protected]", "type": "Secondary"}]}