Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 1:14 p.m.7 views

CVE-2020-35939

PHP Object injection vulnerabilities in the Team Showcase plugin before 1.22.16 for WordPress allow remote authenticated attackers to inject arbitrary PHP objects due to insecure unserialization of data supplied in a remotely hosted crafted payload in the source parameter via AJAX. The action mus...

8.8CVSS7.3AI score0.02082EPSS
Exploits1
Circl
Circl
added 2021/01/01 7:32 a.m.6 views

CVE-2020-35939

creationtimestamp| type| source ---|---|--- 2021-01-01 07:32:41+00:00| seen| https://t.me/cibsecurity/21498...

8.8CVSS8.2AI score0.02082EPSS
Exploits1References1
NVD
NVD
added 2021/01/01 2:15 a.m.13 views

CVE-2020-35939

PHP Object injection vulnerabilities in the Team Showcase plugin before 1.22.16 for WordPress allow remote authenticated attackers to inject arbitrary PHP objects due to insecure unserialization of data supplied in a remotely hosted crafted payload in the source parameter via AJAX. The action mus...

8.8CVSS8AI score0.02082EPSS
Exploits1References1
Cvelist
Cvelist
added 2021/01/01 1:25 a.m.25 views

CVE-2020-35939

PHP Object injection vulnerabilities in the Team Showcase plugin before 1.22.16 for WordPress allow remote authenticated attackers to inject arbitrary PHP objects due to insecure unserialization of data supplied in a remotely hosted crafted payload in the source parameter via AJAX. The action mus...

7.5CVSS8.8AI score0.02082EPSS
Exploits1References1
CVE
CVE
added 2021/01/01 1:25 a.m.85 views

CVE-2020-35939

CVE-2020-35939 affects the Team Showcase plugin for WordPress (and related Post Grid/Team Showcase context) with PHP Object Injection via insecure unserialization in the source parameter over AJAX when action=team_import_xml_layouts. It requires authentication (remote authenticated attacker) and ...

8.8CVSS8.6AI score0.02082EPSS
Exploits1References1Affected Software2
Rows per page
Query Builder