Ghostwire
Home / Vulnerabilities / CVE-2022-50956

CVE-2022-50956: WordPress Plugin amministrazione-aperta 3.7.3 contains a local file read vulnerability that allows unauthenticated...

MEDIUM CVSS 6.2 Exploit Available

Published: May 10, 2026 | Last Modified: May 10, 2026

Description

WordPress Plugin amministrazione-aperta 3.7.3 contains a local file read vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting insufficient input validation in the open parameter. Attackers can supply file paths through the open GET parameter in dispatcher.php to include and read sensitive files accessible to the web server.

Ghostwire Analysis — What This Means Practically

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

Security Coverage (1 articles)

CVE Feed
CVE-2022-50956 - WordPress Plugin amministrazione-aperta 3.7.3 Local File Read

References