8075 matches found
CVE-2017-20208
The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to PHP Object Injection in all versions up to 3.7.9.3 exclusive via deserialization of untrusted input from the isexpiredbydate function. This makes it possible for...
EUVD-2017-18924
The Appointments plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.2.1 via deserialization of untrusted input from the wpmudevappointments cookie. This allows unauthenticated attackers to inject a PHP Object. Attackers were actively exploiting this...
EUVD-2017-18923
The Flickr Gallery plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.5.2 via deserialization of untrusted input from the pager parameter. This allows unauthenticated attackers to inject a PHP Object. Attackers were actively exploiting this vulnerabilit...
EUVD-2017-18922
The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to PHP Object Injection in all versions up to 3.7.9.3 exclusive via deserialization of untrusted input from the isexpiredbydate function. This makes it possible for...
CVE-2017-20208
The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to PHP Object Injection in all versions up to 3.7.9.3 exclusive via deserialization of untrusted input from the isexpiredbydate function. This makes it possible for...
CVE-2017-20208
The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to PHP Object Injection in all versions up to 3.7.9.3 exclusive via deserialization of untrusted input from the isexpiredbydate function. This makes it possible for...
CVE-2017-20207
The Flickr Gallery plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.5.2 via deserialization of untrusted input from the pager parameter. This allows unauthenticated attackers to inject a PHP Object. Attackers were actively exploiting this vulnerabilit...
CVE-2017-20206
The Appointments plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.2.1 via deserialization of untrusted input from the wpmudevappointments cookie. This allows unauthenticated attackers to inject a PHP Object. Attackers were actively exploiting this...
CVE-2017-20206
The Appointments plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.2.1 via deserialization of untrusted input from the wpmudevappointments cookie. This allows unauthenticated attackers to inject a PHP Object. Attackers were actively exploiting this...
CVE-2017-20208 RegistrationMagic - Custom Registration Forms <= 3.7.9.2 - PHP Object Injection
The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to PHP Object Injection in all versions up to 3.7.9.3 exclusive via deserialization of untrusted input from the isexpiredbydate function. This makes it possible for...
CVE-2017-20208
CVE-2017-20208 affects the WordPress plugin RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login. All versions up to 3.7.9.3 are vulnerable to PHP Object Injection via deserialization of untrusted input from the is_expired_by_date() function. This allows unaut...
CVE-2017-20208 RegistrationMagic - Custom Registration Forms <= 3.7.9.2 - PHP Object Injection
The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to PHP Object Injection in all versions up to 3.7.9.3 exclusive via deserialization of untrusted input from the isexpiredbydate function. This makes it possible for...
CVE-2017-20206 Appointments <= 2.2.1 - Unauthenticated PHP Object Injection
The Appointments plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.2.1 via deserialization of untrusted input from the wpmudevappointments cookie. This allows unauthenticated attackers to inject a PHP Object. Attackers were actively exploiting this...
CVE-2017-20206
The CVE-2017-20206 entry concerns the WordPress Appointments plugin (versions up to 2.2.1). The vulnerability is a PHP Object Injection via deserialization of untrusted input from the wpmudev_appointments cookie, allowing unauthenticated attackers to inject a PHP object. The documented impact ind...
CVE-2017-20207 Flickr Gallery <= 1.5.2 - Unauthenticated PHP Object Injection
The Flickr Gallery plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.5.2 via deserialization of untrusted input from the pager parameter. This allows unauthenticated attackers to inject a PHP Object. Attackers were actively exploiting this vulnerabilit...
CVE-2017-20207 Flickr Gallery <= 1.5.2 - Unauthenticated PHP Object Injection
The Flickr Gallery plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.5.2 via deserialization of untrusted input from the pager parameter. This allows unauthenticated attackers to inject a PHP Object. Attackers were actively exploiting this vulnerabilit...
PT-2025-42675
Name of the Vulnerable Software and Affected Versions Flickr Gallery plugin for WordPress versions up to and including 1.5.2 Description The software is susceptible to PHP Object Injection due to deserialization of untrusted input from the pager parameter. This allows unauthenticated attackers to...
WordPress plugin Appointments 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...
PT-2025-42676
Name of the Vulnerable Software and Affected Versions RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress versions prior to 3.7.9.3 Description The RegistrationMagic plugin for WordPress is susceptible to PHP Object Injection due to...
WordPress plugin RegistrationMagic 代码问题漏洞
WordPress, etc. are products of the WordPress Foundation.WordPress is a suite of blogging platforms developed using the PHP language.PHP, etc. are products of PHP.PHP is a scripting language that executes on the server side.WebSockets ws, etc. are products of the WebSockets open source.ws is a...