CVE-2022-1658
Jupiter Theme <= 6.10.1 - Authenticated Arbitrary Plugin Deletion
Vulnerable versions of the Jupiter Theme (<= 6.10.1) allow arbitrary plugin deletion by any authenticated user, including users with the subscriber role, via the abb_remove_plugin AJAX action registered in the framework/admin/control-panel/logic/plugin-management.php file. Using this functionality, any logged-in user can delete any installed plugin on the site.
We have discovered 169 live websites that are affected by CVE-2022-1658.
Affected Software
| Product | |
| Category | Wordpress Themes |
| Vulnerable Versions |
|
| Total Vulnerable Versions | 147 |
| Vulnerable Domains | 169 live websites (0.75% of Jupiter install base) |
Distribution by Website Rank
The diagram provides a graphic representation of the correlation between the occurrence of CVE-2022-1658 and the relative popularity of websitesDetails
- Published - Jun 13, 2022
- Updated - Jun 13, 2022
Credits
- Ramuel Gall, Wordfence
CWE
CVE References
CWE References
Countries
 United States | 44 websites |
 Netherlands | 12 websites |
 Italy | 12 websites |
 Germany | 11 websites |
 Spain | 11 websites |
 France | 9 websites |
 GB | 7 websites |
 Austria | 6 websites |
 South Africa | 5 websites |
 Australia | 5 websites |
TLDs
| .com | 71 websites |
| .nl | 10 websites |
| .de | 7 websites |
| .es | 6 websites |
| .at | 5 websites |
| .pl | 5 websites |
| .it | 5 websites |
| .fr | 4 websites |
| .com.au | 4 websites |
| .org | 4 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redGeographical Distribution
The distribution of websites across the globe that are exposed to CVE-2022-1658 through included software libraries and plugins.Websites affected by CVE-2022-1658
Top websites that are affected by CVE-2022-1658. Please click on the "Contact us" button above to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| ******.com | United States | ***,*** | |
| ***.************.nl | Netherlands | ***,*** | |
| ***.**.com | GB | ***,*** | |
| ********.me | GB | *,***,*** | |
| ***************.at | Austria | *,***,*** | |
| *********************.org | United States | *,***,*** | |
| ******.com | United States | *,***,*** | |
| ******************.com | Germany | *,***,*** | |
| ***.******************.com | United States | *,***,*** | |
| ***********.pl |  Poland | *,***,*** |