Описание
WordPress is an open publishing platform for the Web. Unserialization of instances of the WP_HTML_Token class allows for code execution via its __destruct() magic method. This issue was fixed in WordPress 6.4.2 on December 6th, 2023. Versions prior to 6.4.0 are not affected.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 6.4.3+dfsg1-1ubuntu1 |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| esm-apps/jammy | needs-triage | |
| esm-apps/noble | not-affected | 6.4.3+dfsg1-1ubuntu1 |
| esm-apps/xenial | needs-triage | |
| focal | ignored | end of standard support, was needs-triage |
| jammy | needs-triage | |
| mantic | ignored | end of life, was needs-triage |
| noble | not-affected | 6.4.3+dfsg1-1ubuntu1 |
Показывать по
Ссылки на источники
EPSS
5.5 Medium
CVSS3
Связанные уязвимости
WordPress is an open publishing platform for the Web. Unserialization of instances of the `WP_HTML_Token` class allows for code execution via its `__destruct()` magic method. This issue was fixed in WordPress 6.4.2 on December 6th, 2023. Versions prior to 6.4.0 are not affected.
WordPress is an open publishing platform for the Web. Unserialization ...
EPSS
5.5 Medium
CVSS3