exploitDog

GHSA-wfgq-9f7c-xcw5

Опубликовано: 16 янв. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

The Formidable Forms WordPress plugin before 6.2 unserializes user input, which could allow anonymous users to perform PHP Object Injection when a suitable gadget is present.

The Formidable Forms WordPress plugin before 6.2 unserializes user input, which could allow anonymous users to perform PHP Object Injection when a suitable gadget is present.

Ссылки

EPSS

Процентиль: 50%

0.00268

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-502

Связанные уязвимости

CVE-2023-1405

CVSS3: 7.5

nvd

около 2 лет назад

The Formidable Forms WordPress plugin before 6.2 unserializes user input, which could allow anonymous users to perform PHP Object Injection when a suitable gadget is present.

EPSS

Процентиль: 50%

0.00268

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-502