Описание
wp-includes/class-wp-customize-widgets.php in the widget implementation in WordPress 3.9.x before 3.9.2 might allow remote attackers to execute arbitrary code via crafted serialized data.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:wordpress:wordpress:3.9.0:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:3.9.1:*:*:*:*:*:*:*
EPSS
Процентиль: 88%
0.04351
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
ubuntu
почти 11 лет назад
wp-includes/class-wp-customize-widgets.php in the widget implementation in WordPress 3.9.x before 3.9.2 might allow remote attackers to execute arbitrary code via crafted serialized data.
debian
почти 11 лет назад
wp-includes/class-wp-customize-widgets.php in the widget implementatio ...
github
около 3 лет назад
wp-includes/class-wp-customize-widgets.php in the widget implementation in WordPress 3.9.x before 3.9.2 might allow remote attackers to execute arbitrary code via crafted serialized data.
EPSS
Процентиль: 88%
0.04351
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-noinfo