cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-2441,https://securityvulnerability.io/vulnerability/CVE-2022-2441,Remote Code Execution in ImageMagick Engine Plugin for WordPress,"The ImageMagick Engine plugin for WordPress contains a vulnerability that allows for remote code execution through the manipulation of the 'cli_path' parameter. This issue affects versions up to and including 1.7.5, enabling unauthenticated users to execute arbitrary commands if they can convince a site administrator to interact with a malicious link. By exploiting this vulnerability, attackers can create or modify files on the server, potentially establishing backdoor access and compromising the security of the website.",Wordpress,Imagemagick Engine,8.8,HIGH,0.22310000658035278,false,,false,false,false,,false,false,2023-10-20T07:29:28.362Z,0
CVE-2022-3568,https://securityvulnerability.io/vulnerability/CVE-2022-3568,Deserialization Vulnerability in ImageMagick Engine Plugin for WordPress,"The ImageMagick Engine plugin for WordPress is vulnerable to an exploit involving the deserialization of untrusted input through the 'cli_path' parameter in versions up to and including 1.7.5. This vulnerability allows unauthenticated users to execute arbitrary PHP objects by tricking a site administrator into performing a malicious action, such as clicking on a crafted link. If successful, an attacker may upload a file containing a serialized payload, potentially leading to various harmful outcomes if a suitable object injection gadget (POP chain) is present.",Wordpress,Imagemagick Engine,8.8,HIGH,0.0010100000072270632,false,,false,false,false,,false,false,2023-02-10T00:15:00.000Z,0