6 matches found
CVE-2023-1669
The SEOPress WordPress plugin before 6.5.0.3 unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...
CVE-2023-1669
The SEOPress WordPress plugin before 6.5.0.3 unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...
CVE-2023-1669 SEOPress < 6.5.0.3 - Admin+ PHP Object Injection
The SEOPress WordPress plugin before 6.5.0.3 unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...
CVE-2023-1669 SEOPress < 6.5.0.3 - Admin+ PHP Object Injection
The SEOPress WordPress plugin before 6.5.0.3 unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...
CVE-2023-1669
CVE-2023-1669 affects the SEOPress WordPress plugin up to version 6.5.0.3. The issue arises from unserializing user input provided through settings, which could allow high-privilege users (e.g., admins) to perform PHP Object Injection when a suitable gadget is present. The vulnerability is confir...
WordPress SEOPress Plugin <= 6.5.0.2 is vulnerable to PHP Object Injection
Software SEOPress Type Plugin Vulnerable versions = 6.5.0.2 Fixed in 6.5.0.3 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2023-1669 Patch priority Low CVSS severity Low 6.6 Developer Claim ownership PSID 045f095df46e Credits Nguyen Huu Do Required privilege Administrator...