CVE-2022-2046

Name of the Vulnerable Software and Affected Versions Directorist WordPress plugin versions prior to 7.2.3

Description The issue allows administrators to download plugins from unverified sources, potentially enabling them to run code on the server. This poses a significant risk, particularly in multisite configurations.

Recommendations For Directorist WordPress plugin versions prior to 7.2.3, update to version 7.2.3 or later to resolve the issue. As a temporary workaround, consider restricting the ability to download plugins from external sources until the update is applied.