exploitDog

CVE-2026-1542

Опубликовано: 28 фев. 2026

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

The Super Stage WP WordPress plugin through 1.0.1 unserializes user input via REQUEST, which could allow unauthenticated users to perform PHP Object Injection when a suitable gadget is present on the blog.

Ссылки

https://wpscan.com/vulnerability/d6e3041f-62e8-49ba-8806-59a1c07ec43d/

EPSS

Процентиль: 9%

0.00194

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-502

Связанные уязвимости

GHSA-98hx-rrj3-w3r4

CVSS3: 6.5

github

4 месяца назад

The Super Stage WP WordPress plugin through 1.0.1 unserializes user input via REQUEST, which could allow unauthenticated users to perform PHP Object Injection when a suitable gadget is present on the blog.

EPSS

Процентиль: 9%

0.00194

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-502