CVE-2022-3180

Critical

The WPGateway Plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 3.5. This allows unauthenticated…

Wordfence·CWE-290·Published 2025-02-11

CVSS

9.8

EPSS

0.09

KEV

Exploits

cve.orgen

203 chars

The WPGateway Plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 3.5. This allows unauthenticated attackers to create arbitrary malicious administrator accounts.

NVDen

203 chars

NVDes

218 chars

El complemento WPGateway para WordPress es vulnerable a la escalada de privilegios en versiones hasta la 3.5 y incluida. Esto permite que atacantes no autenticados creen cuentas de administrador maliciosas arbitrarias.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	9.8	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1	Primary	cve.org	9.8	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H