Описание
The Formidable Forms WordPress plugin before 6.2 unserializes user input, which could allow anonymous users to perform PHP Object Injection when a suitable gadget is present.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 6.2 (исключая)
cpe:2.3:a:strategy11:formidable_forms:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 50%
0.00268
Низкий
7.5 High
CVSS3
Дефекты
CWE-502
Связанные уязвимости
CVSS3: 7.5
github
около 2 лет назад
The Formidable Forms WordPress plugin before 6.2 unserializes user input, which could allow anonymous users to perform PHP Object Injection when a suitable gadget is present.
EPSS
Процентиль: 50%
0.00268
Низкий
7.5 High
CVSS3
Дефекты
CWE-502