CVE-2022-50953 MEDIUM

CVE-2022-50953: WordPress Plugin admin-word-count-column 2.2 Local File Read

Vendor Brooks24
Product admin-word-count-column
Weakness CWE-22 · Path traversal
Published June 8, 2026
Last update June 8, 2026

CVSS base score

6.9/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01Description

WordPress Plugin admin-word-count-column 2.2 contains a local file read vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting null byte injection in the path parameter. Attackers can send GET requests to download-csv.php with a crafted path parameter containing directory traversal sequences and null bytes to bypass file restrictions and read sensitive files like system configuration.

Explanation of Vulnerability in Simple Terms

02Summary

The Admin Word Count Column plugin for WordPress contains a path traversal vulnerability that allows local attackers to read arbitrary files from the server. The vulnerability exists in versions 2.2 and requires local access to the system. Site administrators should update to a patched version when available.

What an attacker can do

03Attacker Capabilities

Read arbitrary files from the server filesystem.

Potential impact on your site

04Site Impact

Sensitive files (config, database credentials, private keys) may be exposed if the site is on a shared host or the attacker has shell access.

Conditions required to exploit

05Prerequisites

Local access to the server; no authentication or user interaction required.

Key dates

06Disclosure timeline

June 8, 2026 CVE published
June 8, 2026 Record updated

Related vulnerabilities

08Related CVE