Описание
The HUSKY WordPress plugin before 1.3.2 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.3.2 (исключая)
cpe:2.3:a:pluginus:husky_-_products_filter_professional_for_woocommerce:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 79%
0.01195
Низкий
7.2 High
CVSS3
Дефекты
Связанные уязвимости
CVSS3: 7.2
github
около 3 лет назад
The HUSKY WordPress plugin before 1.3.2 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present.
EPSS
Процентиль: 79%
0.01195
Низкий
7.2 High
CVSS3