CVE-2022-4327

Опубликовано: 16 янв. 2023

Источник: nvd

Описание

Rejected reason: This issue does not bear any security risk as it's only exploitable by users with administrator or super-administrator roles, who can already do what they want on their site.

Связанные уязвимости

GHSA-wcqq-jh3m-43f6

CVSS3: 7.2

github

около 3 лет назад

The Anti-Malware Security and Brute-Force Firewall WordPress plugin through 4.21.85 is prone to a PHP Object Injection vulnerability due to the unsafe use of unserialize() function. A potential attacker, authenticated as high privilege user could exploit this vulnerability by sending specially crafted requests to the web application containing malicious serialized input.