CVE-2022-43450
WordPress Stream Plugin <= 3.9.2 is vulnerable to Insecure Direct Object References (IDOR)
Authorization Bypass Through User-Controlled Key vulnerability in XWP Stream.This issue affects Stream: from n/a through 3.9.2.
We have discovered 7,921 live websites that are affected by CVE-2022-43450.
Affected Software
| Product | |
| Category | Wordpress Plugins |
| Vulnerable Versions |
|
| Total Vulnerable Versions | 40 |
| Vulnerable Domains | 7,921 live websites (18.42% of Stream install base) |
Distribution by Website Rank
The diagram provides a graphic representation of the correlation between the occurrence of CVE-2022-43450 and the relative popularity of websitesDetails
- Published - Dec 19, 2023
- Updated - Dec 19, 2023
Credits
- Lucio Sá (Patchstack Alliance) (finder)
CWE
CVE References
CWE References
Countries
 United States | 4,458 websites |
 Australia | 482 websites |
 GB | 453 websites |
 Canada | 411 websites |
 Italy | 259 websites |
 Germany | 213 websites |
 Netherlands | 182 websites |
 Spain | 167 websites |
 Russia | 148 websites |
 France | 89 websites |
TLDs
| .com | 4,610 websites |
| .org | 419 websites |
| .com.au | 371 websites |
| .co.uk | 260 websites |
| .it | 207 websites |
| .net | 187 websites |
| .ca | 182 websites |
| .nl | 151 websites |
| .de | 139 websites |
| .ru | 118 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redGeographical Distribution
The distribution of websites across the globe that are exposed to CVE-2022-43450 through included software libraries and plugins.Websites affected by CVE-2022-43450
Top websites that are affected by CVE-2022-43450. Please click on the "Contact us" button above to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| *****.*********.org | United States | *** | |
| ***.******.com | United States | *,*** | |
| ***.**************.org | United States | **,*** | |
| ***.*******.com | United States | **,*** | |
| ***.*****.com | United States | **,*** | |
| ***.******.com | United States | **,*** | |
| ***.***********.com | United States | **,*** | |
| ******.com |  Singapore | **,*** | |
| *************.com | United States | **,*** | |
| ***.*****.***.au | Australia | **,*** |