CVE-2022-3180

CVE-2022-3180: WPGateway <= 3.5 - Unauthenticated Privilege Escalation

Vendor Jack Hopman
Product WPGateway
Weakness CWE-290
Published February 11, 2025
Last update March 14, 2025

CVSS base score

What the vulnerability does

01Description

The WPGateway Plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 3.5. This allows unauthenticated attackers to create arbitrary malicious administrator accounts.

Key dates

02Disclosure timeline

February 11, 2025 CVE published
March 14, 2025 Record updated

Related vulnerabilities

04Related CVE