CVE-2022-3180 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

The WPGateway Plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 3.5. This allows unauthenticated attackers to create…
Critical CVSS: 9.8

CVE-2022-3180

The WPGateway Plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 3.5. This allows unauthenticated attackers to create arbitrary malicious administrator accounts.
Vendor
Wpgateway
Product
Wpgateway
CWE
CWE-290
Yayın Tarihi
2025-02-11 22:15:24
Güncelleme
2025-06-05 14:24:42
Source Identifier
security@wordfence.com
KEV Date Added
-

Kategoriler

CWE-290 Wpgateway CRITICAL Wpgateway 2025

Referanslar

https://www.wordfence.com/blog/2022/09/psa-zero-day-vulnerability-in-wpgateway-actively-exploited-in-the-wild/ https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/wpgateway/wpgateway-35-unauthenticated-privilege-escalation