6 matches found
CVE-2023-1196
The Advanced Custom Fields ACF Free and Pro WordPress plugins 6.x before 6.1.0 and 5.x before 5.12.5 unserialize user controllable data, which could allow users with a role of Contributor and above to perform PHP Object Injection when a suitable gadget is present...
CVE-2023-1196 Advanced Custom Fields - Contributor+ PHP Object Injection
The Advanced Custom Fields ACF Free and Pro WordPress plugins 6.x before 6.1.0 and 5.x before 5.12.5 unserialize user controllable data, which could allow users with a role of Contributor and above to perform PHP Object Injection when a suitable gadget is present...
CVE-2023-1196 Advanced Custom Fields - Contributor+ PHP Object Injection
The Advanced Custom Fields ACF Free and Pro WordPress plugins 6.x before 6.1.0 and 5.x before 5.12.5 unserialize user controllable data, which could allow users with a role of Contributor and above to perform PHP Object Injection when a suitable gadget is present...
CVE-2023-1196
The CVE-2023-1196 entry concerns the Advanced Custom Fields (ACF) Free and Pro WordPress plugins. Affected versions are 5.x before 5.12.5 and 6.x before 6.1.0. The root cause is unserialize of user-controllable data, enabling PHP Object Injection when a suitable gadget is present. Valid risk is t...
WordPress Advanced Custom Fields Plugin < 5.12.5 is vulnerable to PHP Object Injection
Software Advanced Custom Fields Type Plugin Vulnerable versions 5.12.5 Fixed in 5.12.5 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2023-1196 Patch priority Medium CVSS severity Medium 4.9 Developer Claim ownership PSID 8c55b8a9942a Credits Nguyen Huu Do Required privile...
WordPress Advanced Custom Fields PRO Plugin < 6.1.0 is vulnerable to PHP Object Injection
Software Advanced Custom Fields PRO Type Plugin Vulnerable versions 6.1.0 Fixed in 6.1.0 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2023-1196 Patch priority Medium CVSS severity Medium 4.9 Developer Claim ownership PSID 322be262bcd9 Credits Nguyen Huu Do Required...