CVE-2022-2981 The Download Monitor plugin before 4.5.98 doesn't check files to be downloaded are in the blog folders, allowing high-privilege users such as admins to download wp-config.php or /etc/passwd.

This issue has been fixed in version 4.5.99. If you have installed version 4.5.98 or earlier, you need to update to version 4.5.99 or later as soon as possible. After updating, you should create a new wp-config.php or /etc/passwd file with 777 permission and move your wp-config.php file outside the public_html folder.

Known Issues with WordPress 4.5.98

This issue has been fixed in version 4.5.99. If you have installed version 4.5.98 or earlier, you need to update to version 4.5.99 or later as soon as possible. After updating, you should create a new wp-config.php or /etc/passwd file with 777 permission and move your wp-config.php file outside the public_html folder.

What to do if you are running WP 4.5.97 or earlier?

If you are running WP 4.5.97 or earlier, you need to update to version 4.5.99 or later as soon as possible. After updating, you should create a new wp-config.php or /etc/passwd file with 777 permission and move your wp-config.php file outside the public_html folder.

What to do if you are still vulnerable

If you are still vulnerable to this vulnerability, please update your WordPress installation. If you have an automatic update plugin installed, it will take care of this for you.

Timeline

Published on: 10/10/2022 21:15:00 UTC
Last modified on: 10/12/2022 18:44:00 UTC

References

• https://wpscan.com/vulnerability/30ce32ce-161c-4388-8d22-751350b7b305
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2981