← back
CVE-2022-1551

SP Project & Document Manager < 4.58 - Sensitive File Disclosure

EPSS 0.8%
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 0.8%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
25 Jul 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The SP Project & Document Manager WordPress plugin before 4.58 uses an easily guessable path to store user files, bad actors could use that to access other users' sensitive files.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →