PRIOn knowledge base: PRION:CVE-2023-6933
Feb 05, 2024 - 10:15 p.m.

Deserialization of untrusted data

Source: PRIOn knowledge base, www.prio-n.com

Tags: vulnerability, better search replace, wordpress, unauthenticated attackers, php object injection, untrusted input, pop chain, arbitrary file deletion, sensitive data retrieval, code execution

AI Score: 7.9 High (Confidence: Low)

EPSS: 0.015 Low (Percentile: 86.9%)

The Better Search Replace plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.4 via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.

CPE | Name | Operator | Version
 | better_search_replace | lt | 1.4.5