The Revive Old Posts WordPress plugin before 9.0.11 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present.
CPE | Name | Operator | Version |
---|---|---|---|
revive_old_posts | lt | 9.0.11 |