exploitDog

GHSA-vh49-3q2g-93gh

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

The usc-e-shop (aka Collne Welcart e-Commerce) plugin before 1.9.36 for WordPress allows Object Injection because of usces_unserialize. There is not a complete POP chain.

The usc-e-shop (aka Collne Welcart e-Commerce) plugin before 1.9.36 for WordPress allows Object Injection because of usces_unserialize. There is not a complete POP chain.

Ссылки

EPSS

Процентиль: 74%

0.00848

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-502

Связанные уязвимости

CVE-2020-28339

CVSS3: 7.5

nvd

около 5 лет назад

The usc-e-shop (aka Collne Welcart e-Commerce) plugin before 1.9.36 for WordPress allows Object Injection because of usces_unserialize. There is not a complete POP chain.

EPSS

Процентиль: 74%

0.00848

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-502