3 matches found
CVE-2024-10079
The WP Easy Post Types plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.4.4 via deserialization of untrusted input from the 'text' parameter in the 'ajaximportcontent' function. This allows authenticated attackers, with subscriber-level permissions an...
CVE-2024-10079
The WP Easy Post Types plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.4.4 via deserialization of untrusted input from the 'text' parameter in the 'ajaximportcontent' function. This allows authenticated attackers, with subscriber-level permissions an...
PT-2024-16012 · WordPress · Wp Easy Post Types
Name of the Vulnerable Software and Affected Versions: WP Easy Post Types plugin for WordPress versions up to, and including, 1.4.4 Description: The issue concerns PHP Object Injection via deserialization of untrusted input from the text parameter in the ajax import content function. This allows...