CVE-2022-3180

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
11/02/2025
Last modified:
05/06/2025

Description

The WPGateway Plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 3.5. This allows unauthenticated attackers to create arbitrary malicious administrator accounts.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:wpgateway:wpgateway:*:*:*:*:*:wordpress:*:* 3.5 (including)