exploitDog

CVE-2016-10948

Опубликовано: 13 сент. 2019

Источник: nvd

CVSS3: 8.1

CVSS2: 6.8

EPSS Низкий

Описание

The Post Indexer plugin before 3.0.6.2 for WordPress has incorrect handling of data passed to the unserialize function.

Ссылки

https://advisories.dxw.com/advisories/unserialisation-in-post-indexer-could-allow-man-in-the-middle-to-execute-arbitrary-code-in-some-circumstances/
Exploit
Third Party Advisory
https://advisories.dxw.com/advisories/unserialisation-in-post-indexer-could-allow-man-in-the-middle-to-execute-arbitrary-code-in-some-circumstances/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:post_indexer_project:post_indexer:*:*:*:*:*:wordpress:*:*

Версия до 3.0.6.2 (исключая)

EPSS

Процентиль: 74%

0.00841

Низкий

8.1 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-3c9j-4f4v-vmxx

github

больше 3 лет назад

The Post Indexer plugin before 3.0.6.2 for WordPress has incorrect handling of data passed to the unserialize function.

EPSS

Процентиль: 74%

0.00841

Низкий

8.1 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-20