exploitDog

CVE-2022-4680

Опубликовано: 30 янв. 2023

Источник: nvd

CVSS3: 7.2

EPSS Низкий

Описание

The Revive Old Posts WordPress plugin before 9.0.11 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present.

Ссылки

https://wpscan.com/vulnerability/f4197386-975d-4e53-8fc9-9425732da9af
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/f4197386-975d-4e53-8fc9-9425732da9af
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:revive:revive_old_posts:*:*:*:*:*:wordpress:*:*

Версия до 9.0.11 (исключая)

EPSS

Процентиль: 79%

0.01202

Низкий

7.2 High

CVSS3

Дефекты

Связанные уязвимости

GHSA-pqm2-5wmp-22wm

CVSS3: 7.2

github

около 3 лет назад

The Revive Old Posts WordPress plugin before 9.0.11 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present.

EPSS

Процентиль: 79%

0.01202

Низкий

7.2 High

CVSS3

Дефекты