CVE-2022-2945 - Vulnerability Details - OpenCVE

The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 5.5.3 via the 'type' parameter found in the alm_get_layout() function. This makes it possible for authenticated attackers, with administrative permissions, to read the contents of arbitrary files on the server, which can contain sensitive information.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00646.

Key SSVC decision points have not yet been added.

Vendors	Products
Connekthq	Ajax Load More

Configuration 1 [-]

cpe:2.3:a:connekthq:ajax_load_more:*:*:*:*:*:wordpress:*:*

No data.

No data.

References

Link	Providers
https://gist.github.com/Xib3rR4dAr/f9a4b4838154854ec6cde7d5deb76bf9
https://plugins.svn.wordpress.org/ajax-load-more/tags/5.5.4/README.txt
https://www.wordfence.com/threat-intel/vulnerabilities/id/8957413c-95e0-49c8-ba8a-02b9b5141e08?source=cve
https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2945

History

Wed, 08 Apr 2026 17:45:00 +0000

Type	Values Removed	Values Added
Title		WordPress Infinite Scroll – Ajax Load More <= 5.5.3 - Directory Traversal

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2022-09-06T17:19:01.000Z

Updated: 2026-04-08T17:05:28.279Z

Reserved: 2022-08-22T00:00:00.000Z

Link: CVE-2022-2945

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-09-06T18:15:15.330

Modified: 2026-04-08T18:17:27.283

Link: CVE-2022-2945

Redhat

No data.

OpenCVE Enrichment

No data.

{"containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:05:28.279Z"}, "affected": [{"vendor": "dcooney", "product": "Ajax Load More \u2013 Infinite Scroll, Load More, & Lazy Load", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "5.5.3", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The WordPress Infinite Scroll \u2013 Ajax Load More plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 5.5.3 via the 'type' parameter found in the alm_get_layout() function. This makes it possible for authenticated attackers, with administrative permissions, to read the contents of arbitrary files on the server, which can contain sensitive information."}], "title": "WordPress Infinite Scroll \u2013 Ajax Load More <= 5.5.3 - Directory Traversal", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8957413c-95e0-49c8-ba8a-02b9b5141e08?source=cve"}, {"url": "https://plugins.svn.wordpress.org/ajax-load-more/tags/5.5.4/README.txt"}, {"url": "https://gist.github.com/Xib3rR4dAr/f9a4b4838154854ec6cde7d5deb76bf9"}, {"url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2945"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "cweId": "CWE-22", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "baseScore": 4.9, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Muhammad Zeeshan"}], "timeline": [{"time": "2022-08-22T00:00:00.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T00:52:59.996Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8957413c-95e0-49c8-ba8a-02b9b5141e08?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.svn.wordpress.org/ajax-load-more/tags/5.5.4/README.txt", "tags": ["x_transferred"]}, {"url": "https://gist.github.com/Xib3rR4dAr/f9a4b4838154854ec6cde7d5deb76bf9", "tags": ["x_transferred"]}, {"url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2945", "tags": ["x_transferred"]}]}]}, "cveMetadata": {"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2022-2945", "datePublished": "2022-09-06T17:19:01.000Z", "dateReserved": "2022-08-22T00:00:00.000Z", "dateUpdated": "2026-04-08T17:05:28.279Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:connekthq:ajax_load_more:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "F53D9CB5-1960-4C57-903D-9AA1027862D8", "versionEndIncluding": "5.5.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The WordPress Infinite Scroll \u2013 Ajax Load More plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 5.5.3 via the 'type' parameter found in the alm_get_layout() function. This makes it possible for authenticated attackers, with administrative permissions, to read the contents of arbitrary files on the server, which can contain sensitive information."}, {"lang": "es", "value": "El plugin WordPress Infinite Scroll - Ajax Load More para WordPress es vulnerable a un Salto de Directorio en versiones hasta 5.5.3 incluy\u00e9ndola, por medio del par\u00e1metro \"type\" encontrado en la funci\u00f3n alm_get_layout(). Esto hace posible a atacantes autenticados, con permisos administrativos, leer el contenido de archivos arbitrarios en el servidor, que pueden contener informaci\u00f3n confidencial."}], "id": "CVE-2022-2945", "lastModified": "2026-04-08T18:17:27.283", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "security@wordfence.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-09-06T18:15:15.330", "references": [{"source": "security@wordfence.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://gist.github.com/Xib3rR4dAr/f9a4b4838154854ec6cde7d5deb76bf9"}, {"source": "security@wordfence.com", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://plugins.svn.wordpress.org/ajax-load-more/tags/5.5.4/README.txt"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8957413c-95e0-49c8-ba8a-02b9b5141e08?source=cve"}, {"source": "security@wordfence.com", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2945"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://gist.github.com/Xib3rR4dAr/f9a4b4838154854ec6cde7d5deb76bf9"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://plugins.svn.wordpress.org/ajax-load-more/tags/5.5.4/README.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8957413c-95e0-49c8-ba8a-02b9b5141e08?source=cve"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2945"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security@wordfence.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Secondary"}]}