Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/12/13 3:59 a.m.6 views

CVE-2025-14044

The Visitor Logic Lite plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.3 via deserialization of untrusted input from the lpblocks cookie. This is due to the lptrack function passing unsanitized cookie data directly to the unserialize function...

8.1CVSS7AI score0.00457EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/12/12 5:42 a.m.13 views

WordPress Visitor Logic Lite plugin <= 1.0.3 - Unauthenticated PHP Object Injection via 'lpblocks' Cookie vulnerability

Unauthenticated PHP Object Injection via 'lpblocks' Cookie vulnerability discovered by Ivan Cese in WordPress Plugin Visitor Logic Lite versions = 1.0.3...

8.1CVSS7AI score0.00457EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2025/12/12 4:15 a.m.7 views

CVE-2025-14044

The Visitor Logic Lite plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.3 via deserialization of untrusted input from the lpblocks cookie. This is due to the lptrack function passing unsanitized cookie data directly to the unserialize function...

8.1CVSS0.00457EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/12 3:20 a.m.3 views

CVE-2025-14044 Visitor Logic Lite <= 1.0.3 - Unauthenticated PHP Object Injection via 'lpblocks' Cookie

The Visitor Logic Lite plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.3 via deserialization of untrusted input from the lpblocks cookie. This is due to the lptrack function passing unsanitized cookie data directly to the unserialize function...

8.1CVSS6.6AI score0.00457EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/12 3:20 a.m.30 views

CVE-2025-14044 Visitor Logic Lite <= 1.0.3 - Unauthenticated PHP Object Injection via 'lpblocks' Cookie

The Visitor Logic Lite plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.3 via deserialization of untrusted input from the lpblocks cookie. This is due to the lptrack function passing unsanitized cookie data directly to the unserialize function...

8.1CVSS0.00457EPSS
Exploits0References3
CVE
CVE
added 2025/12/12 3:20 a.m.20 views

CVE-2025-14044

CVE-2025-14044 affects the WordPress plugin Visitor Logic Lite (up to 1.0.3). The issue is a PHP Object Injection via deserialization of unsanitized input from the lpblocks cookie, caused by lp_track() passing cookie data to unserialize(). The vulnerability is unauthenticated and could allow obje...

8.1CVSS6.6AI score0.00457EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/12 12:0 a.m.4 views

WordPress plugin Visitor Logic Lite 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...

8.1CVSS6.7AI score0.00457EPSS
Exploits0References3
Rows per page
Query Builder