โ† Back to Dashboard

CVE-2022-50953

MEDIUM NVD
CVSS Score
6.2
Severity
MEDIUM
Source
NVD
Published
Jun 08, 2026
Description

WordPress Plugin admin-word-count-column 2.2 contains a local file read vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting null byte injection in the path parameter. Attackers can send GET requests to download-csv.php with a crafted path parameter containing directory traversal sequences and null bytes to bypass file restrictions and read sensitive files like system configuration.

View Full Details โ† Back