exploitDog

GHSA-wfcf-c7x5-2q5g

Опубликовано: 23 янв. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 7.2

Описание

The Analyticator WordPress plugin before 6.5.6 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present

The Analyticator WordPress plugin before 6.5.6 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present

Ссылки

EPSS

Процентиль: 75%

0.00855

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-502

Связанные уязвимости

CVE-2022-4323

CVSS3: 7.2

nvd

около 3 лет назад

The Analyticator WordPress plugin before 6.5.6 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present

EPSS

Процентиль: 75%

0.00855

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-502