5 matches found
CVE-2020-35939
PHP Object injection vulnerabilities in the Team Showcase plugin before 1.22.16 for WordPress allow remote authenticated attackers to inject arbitrary PHP objects due to insecure unserialization of data supplied in a remotely hosted crafted payload in the source parameter via AJAX. The action mus...
CVE-2020-35939
creationtimestamp| type| source ---|---|--- 2021-01-01 07:32:41+00:00| seen| https://t.me/cibsecurity/21498...
CVE-2020-35939
PHP Object injection vulnerabilities in the Team Showcase plugin before 1.22.16 for WordPress allow remote authenticated attackers to inject arbitrary PHP objects due to insecure unserialization of data supplied in a remotely hosted crafted payload in the source parameter via AJAX. The action mus...
CVE-2020-35939
PHP Object injection vulnerabilities in the Team Showcase plugin before 1.22.16 for WordPress allow remote authenticated attackers to inject arbitrary PHP objects due to insecure unserialization of data supplied in a remotely hosted crafted payload in the source parameter via AJAX. The action mus...
CVE-2020-35939
CVE-2020-35939 affects the Team Showcase plugin for WordPress (and related Post Grid/Team Showcase context) with PHP Object Injection via insecure unserialization in the source parameter over AJAX when action=team_import_xml_layouts. It requires authentication (remote authenticated attacker) and ...