6 matches found
CVE-2024-8922
The Product Enquiry for WooCommerce, WooCommerce product catalog plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.2.33.32 via deserialization of untrusted input in enquirydetail.php. This makes it possible for authenticated attackers, with...
CVE-2024-8922
creationtimestamp| type| source ---|---|--- 2024-09-27 09:03:30+00:00| seen| https://t.me/cvedetector/6476...
CVE-2024-8922
The CVE-2024-8922 entry concerns WordPress → Product Enquiry for WooCommerce plugin (versions
CVE-2024-8922 Product Enquiry for WooCommerce <= 2.2.33.33 - Authenticated (Author+) PHP Object Injection in enquiry_detail.php
The Product Enquiry for WooCommerce, WooCommerce product catalog plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.2.33.32 via deserialization of untrusted input in enquirydetail.php. This makes it possible for authenticated attackers, with...
CVE-2024-8922 Product Enquiry for WooCommerce <= 2.2.33.33 - Authenticated (Author+) PHP Object Injection in enquiry_detail.php
The Product Enquiry for WooCommerce, WooCommerce product catalog plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.2.33.32 via deserialization of untrusted input in enquirydetail.php. This makes it possible for authenticated attackers, with...
WordPress Product Enquiry for WooCommerce Plugin <= 2.2.33.33 is vulnerable to PHP Object Injection
Software Product Enquiry for WooCommerce Type Plugin Vulnerable versions = 2.2.33.33 Fixed in 2.2.33.34 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-8922 Patch priority Medium CVSS severity Medium 7.2 Developer Claim ownership PSID f788257a9413 Credits Francesco...