4 matches found
CVE-2026-1542
The Super Stage WP WordPress plugin through 1.0.1 unserializes user input via REQUEST, which could allow unauthenticated users to perform PHP Object Injection when a suitable gadget is present on the blog...
CVE-2026-1542
creationtimestamp| type| source ---|---|--- 2026-02-28 09:43:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfvwsfcq6o2v 2026-02-28 10:09:43+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mfvyaqnuay2l 2026-02-28 10:09:43+00:00| seen|...
CVE-2026-1542 Super Stage WP <= 1.0.1 - Unauthenticated PHP Object Injection
The Super Stage WP WordPress plugin through 1.0.1 unserializes user input via REQUEST, which could allow unauthenticated users to perform PHP Object Injection when a suitable gadget is present on the blog...
CVE-2026-1542
The CVE-2026-1542 entry concerns the WordPress plugin Simple Stage WP (Super Stage WP) versions up to 1.0.1. The vulnerability arises from unserializing user input via REQUEST, enabling unauthenticated PHP Object Injection when a suitable gadget is present on the blog. Affected component: WordPre...