Lucene search
K

6 matches found

Nuclei
Nuclei
added 8 hours ago25 views

My Geo Posts Free <= 1.2 - PHP Object Injection

The My Geo Posts Free plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.2 via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software. If ...

9.8CVSS7.3AI score0.0307EPSS
Exploits0References4
OSV
OSV
added 2024/11/18 3:15 p.m.5 views

CVE-2024-52433

Deserialization of Untrusted Data vulnerability in Mindstien Technologies My Geo Posts Free allows Object Injection.This issue affects My Geo Posts Free: from n/a through 1.2...

9.8CVSS7.3AI score0.0307EPSS
Exploits0References1
Circl
Circl
added 2024/11/18 2:25 p.m.10 views

CVE-2024-52433

creationtimestamp| type| source ---|---|--- 2024-11-18 14:25:01+00:00| seen| https://infosec.exchange/users/cve/statuses/113504413378781317 2024-11-18 17:23:06+00:00| seen| https://t.me/cvedetector/11339 2024-11-28 10:31:19+00:00| published-proof-of-concept| https://t.me/fourrays/17 2024-12-11...

9.8CVSS8.7AI score0.0307EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/11/18 2:23 p.m.20 views

CVE-2024-52433 WordPress My Geo Posts Free plugin <= 1.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Mindstien Technologies My Geo Posts Free allows Object Injection.This issue affects My Geo Posts Free: from n/a through 1.2...

9.8CVSS6.9AI score0.0307EPSS
Exploits0References1
CVE
CVE
added 2024/11/18 2:23 p.m.73 views

CVE-2024-52433

The CVE CVE-2024-52433 affects My Geo Posts Free (WordPress plugin) up to version 1.2. It is a PHP Object Injection vulnerability triggered by deserialization of untrusted input, allowing unauthenticated object injection. The Nuclei template specifies the flaw is in versions up to 1.2 and notes n...

9.8CVSS7.2AI score0.0307EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/11/15 12:0 a.m.16 views

WordPress My Geo Posts Free Plugin <= 1.2 is vulnerable to PHP Object Injection

Software My Geo Posts Free Type Plugin Vulnerable versions = 1.2 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-52433 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID abf48ca2de6d Credits Mika Required privilege Unauthenticated...

9.8CVSS7.2AI score0.0307EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder