CVE-2022-3342

Published: Oct 20, 2023

Modified: Apr 8, 2026

PUBLISHED

CVSS v3.1

7.5

HIGH

Description

The Jetpack CRM plugin for WordPress is vulnerable to PHAR deserialization via the ‘zbscrmcsvimpf’ parameter in the 'zeroBSCRM_CSVImporterLitehtml_app' function in versions up to, and including, 5.3.1. While the function performs a nonce check, steps 2 and 3 of the check do not take any action upon a failed check. These steps then perform a 'file_exists' check on the value of 'zbscrmcsvimpf'. If a phar:// archive is supplied, its contents will be deserialized and an object injected in the execution stream. This allows an unauthenticated attacker to obtain object injection if they are able to upload a phar archive (for instance if the site supports image uploads) and then trick an administrator into performing an action, such as clicking a link.

Vendor	Product	Versions
automattic	Jetpack CRM – Clients, Leads, Invoices, Billing, Email Marketing, & Automation	affected `0 - <= 5.3.1`

Weaknesses (CWE)

CWE-502

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

References

https://www.wordfence.com/threat-intel/vulnerabilities/id/98ab264f-b210-41d0-bb6f-b4f31d933f80?source=cve

https://plugins.trac.wordpress.org/browser/zero-bs-crm/trunk/includes/ZeroBSCRM.CSVImporter.php?rev=2790863

https://plugins.trac.wordpress.org/changeset/2805282/zero-bs-crm/trunk/includes/ZeroBSCRM.CSVImporter.php

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-3342

Description

Affected Products

Weaknesses (CWE)

CVSS v3.1 Details

References