CVE-2022-2554: 
WordPress vulnerability analysis and mitigation

CVE-2022-2554 is a path traversal vulnerability affecting the Enable Media Replace WordPress plugin versions before 4.0.0. The vulnerability was discovered by Raad Haddad of Cloudyrion GmbH and was publicly disclosed on September 14, 2022. The issue exists in the file replacement functionality of the plugin, which fails to properly restrict file movements to the Upload folder (WPScan).

The vulnerability is classified as a Path Traversal (CWE-22) issue with a CVSS 3.1 base score of 4.9 (Medium) and vector string CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N. The technical flaw occurs when users select the 'Replace the file, use new file name and update all links' option and enable 'Put new Upload in Updated Folder' setting. The plugin fails to properly sanitize the upload location, allowing for directory traversal sequences to be injected (NVD, WPScan).

When exploited, this vulnerability allows high-privilege users such as administrators to move files outside of the intended upload directory to the web root directory through path traversal attacks. This could potentially lead to unauthorized file placement in sensitive locations within the WordPress installation (WPScan).

The vulnerability has been fixed in version 4.0.0 of the Enable Media Replace plugin. Users are advised to update to this version or later to mitigate the risk (WPScan).