There was an Unauthenticated Remote Code Execution (RCE) vulnerability in PHPUnit, a widely used testing framework for PHP. This vulnerability has been seen exploited in the wild.
curl -X POST --data ββ http://example.com//wp-content/plugins/jekyll-exporter/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
CPE | Name | Operator | Version |
---|---|---|---|
jekyll-exporter | lt | 2.2.1 | |
wp-heyloyalty | eq | * | |
cloudflare | lt | 1.1.12 |