3 matches found
CVE-2022-4120
The Stop Spammers Security | Block Spam Users, Comments, Forms WordPress plugin before 2022.6 passes base64 encoded user input to the unserialize PHP function when CAPTCHA are used as second challenge, which could lead to PHP Object injection if a plugin installed on the blog has a suitable gadge...
CVE-2022-4120
The CVE-2022-4120 entry documents a vulnerability in the Stop Spammers Security | Block Spam Users, Comments, Forms WordPress plugin. Prior to version 2022.6, the plugin passes base64-encoded user input to PHP’s unserialize() when CAPTCHA is used as the second challenge, which can lead to PHP Obj...
CVE-2022-4120 Stop Spammers Security < 2022.6 - Unauthenticated PHP Object Injection
The Stop Spammers Security | Block Spam Users, Comments, Forms WordPress plugin before 2022.6 passes base64 encoded user input to the unserialize PHP function when CAPTCHA are used as second challenge, which could lead to PHP Object injection if a plugin installed on the blog has a suitable gadge...