exploitDog

CVE-2022-4043

Опубликовано: 09 янв. 2023

Источник: nvd

CVSS3: 7.2

EPSS Низкий

Описание

The WP Custom Admin Interface WordPress plugin before 7.29 unserialize user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present.

Ссылки

https://wpscan.com/vulnerability/ffff8c83-0a59-450a-9b40-c7f3af7205fc
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/ffff8c83-0a59-450a-9b40-c7f3af7205fc
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:wp_custom_admin_interface_project:wp_custom_admin_interface:*:*:*:*:*:*:*:*

Версия до 7.29 (исключая)

EPSS

Процентиль: 78%

0.01171

Низкий

7.2 High

CVSS3

Дефекты

Связанные уязвимости

GHSA-ch9p-8jp8-qjvq

CVSS3: 7.2

github

около 3 лет назад

The WP Custom Admin Interface WordPress plugin before 7.29 unserialize user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present.

EPSS

Процентиль: 78%

0.01171

Низкий

7.2 High

CVSS3

Дефекты