2 matches found
CVE-2017-20206
creationtimestamp| type| source ---|---|--- 2025-10-21 21:02:28+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3m3qa4ape3t2a 2026-06-19 12:45:23+00:00| exploited| https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/f7121e36-8047-4968-aad2-dfed5fe9290b...
CVE-2017-20206
The Appointments plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.2.1 via deserialization of untrusted input from the wpmudevappointments cookie. This allows unauthenticated attackers to inject a PHP Object. Attackers were actively exploiting this...