10 matches found
EUVD-2025-4449
Malicious code in bioql PyPI...
CVE-2024-13899
The Mambo Importer plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0 via deserialization of untrusted input via the $data parameter in the fImportMenu function. This makes it possible for authenticated attackers, with Administrator-level access a...
CVE-2024-13899
The Mambo Importer plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0 via deserialization of untrusted input via the $data parameter in the fImportMenu function. This makes it possible for authenticated attackers, with Administrator-level access a...
CVE-2024-13899
The Mambo Importer plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0 via deserialization of untrusted input via the $data parameter in the fImportMenu function. This makes it possible for authenticated attackers, with Administrator-level access a...
CVE-2024-13899
CVE-2024-13899 affects the Mambo Importer plugin for WordPress (up to v1.0). It enables PHP Object Injection via deserialization of untrusted input in fImportMenu’s $data parameter. Exploitation requires Administrator-class access; no public POP chain is documented in the vulnerable package itsel...
CVE-2024-13899 Mambo Importer <= 1.0 - Authenticated (Administrator+) PHP Object Injection
The Mambo Importer plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0 via deserialization of untrusted input via the $data parameter in the fImportMenu function. This makes it possible for authenticated attackers, with Administrator-level access a...
CVE-2024-13899 Mambo Importer <= 1.0 - Authenticated (Administrator+) PHP Object Injection
The Mambo Importer plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0 via deserialization of untrusted input via the $data parameter in the fImportMenu function. This makes it possible for authenticated attackers, with Administrator-level access a...
PT-2025-7403 · WordPress · Mambo Importer
Name of the Vulnerable Software and Affected Versions: Mambo Importer plugin for WordPress versions up to, and including, 1.0 Description: The Mambo Importer plugin for WordPress is vulnerable to PHP Object Injection via deserialization of untrusted input via the data parameter in the fImportMenu...
WordPress plugin Mambo Importer 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...
WordPress Mambo Importer plugin <= 1.0 - Authenticated (Administrator+) PHP Object Injection vulnerability
Authenticated Administrator+ PHP Object Injection vulnerability discovered by Francesco Carlucci in WordPress Plugin Mambo Importer versions = 1.0...