Lucene search
WPScanCVELIST:CVE-2022-3679HistoryJan 09, 2023 - 10:13 p.m.
CVE-2022-3679 Starter Templates by Kadence WP < 1.2.17 - Admin+ PHP Object Injection
2023-01-0922:13:44
WPScan
www.cve.org
1
cve-2022-3679
starter templates
kadence wp
php object injection
wordpress plugin
The Starter Templates by Kadence WP WordPress plugin before 1.2.17 unserialises the content of an imported file, which could lead to PHP object injection issues when an admin import (intentionally or not) a malicious file and a suitable gadget chain is present on the blog.
CNA Affected
[
{
"vendor": "Unknown",
"product": "Starter Templates by Kadence WP",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThan": "1.2.17"
}
],
"defaultStatus": "unaffected",
"collectionURL": "https://wordpress.org/plugins"
}
]Related
prion
prion
Design/Logic Flaw
2023-01-09 23:15:00
wpvulndb
wpvulndb
Starter Templates by Kadence WP < 1.2.17 - Admin+ PHP Object Injection
2022-12-16 00:00:00
openvas
openvas
cve
cve
CVE-2022-3679
2023-01-09 23:15:26
wpexploit
wpexploit
Starter Templates by Kadence WP < 1.2.17 - Admin+ PHP Object Injection
2022-12-16 00:00:00
nvd
nvd
CVE-2022-3679
2023-01-09 23:15:26