Описание
wp-includes/functions.php in WordPress before 3.6.1 does not properly determine whether data has been serialized, which allows remote attackers to execute arbitrary code by triggering erroneous PHP unserialize operations.
Ссылки
- Vendor Advisory
- ExploitPatch
- PatchVendor Advisory
- Vendor Advisory
- ExploitPatch
- PatchVendor Advisory
Уязвимые конфигурации
EPSS
7.5 High
CVSS2
Дефекты
Связанные уязвимости
wp-includes/functions.php in WordPress before 3.6.1 does not properly determine whether data has been serialized, which allows remote attackers to execute arbitrary code by triggering erroneous PHP unserialize operations.
wp-includes/functions.php in WordPress before 3.6.1 does not properly ...
wp-includes/functions.php in WordPress before 3.6.1 does not properly determine whether data has been serialized, which allows remote attackers to execute arbitrary code by triggering erroneous PHP unserialize operations.
EPSS
7.5 High
CVSS2