exploitDog

GHSA-hp6x-rrx2-386m

Опубликовано: 21 фев. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

The ShopLentor WordPress plugin before 2.5.4 unserializes user input from cookies in order to track viewed products and user data, which could lead to PHP Object Injection.

The ShopLentor WordPress plugin before 2.5.4 unserializes user input from cookies in order to track viewed products and user data, which could lead to PHP Object Injection.

Ссылки

EPSS

Процентиль: 59%

0.00386

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-502

Связанные уязвимости

CVE-2023-0232

CVSS3: 9.8

nvd

почти 3 года назад

The ShopLentor WordPress plugin before 2.5.4 unserializes user input from cookies in order to track viewed products and user data, which could lead to PHP Object Injection.

EPSS

Процентиль: 59%

0.00386

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-502