Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 3:7 p.m.9 views

CVE-2020-36726

The Ultimate Reviews plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.1.32 via deserialization of untrusted input in several vulnerable functions. This allows unauthenticated attackers to inject a PHP Object. No POP chain is present in the vulnerable...

9.8CVSS7.3AI score0.01566EPSS
Exploits1References1
NVD
NVD
added 2023/06/07 2:15 a.m.19 views

CVE-2020-36726

The Ultimate Reviews plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.1.32 via deserialization of untrusted input in several vulnerable functions. This allows unauthenticated attackers to inject a PHP Object. No POP chain is present in the vulnerable...

9.8CVSS9.8AI score0.01566EPSS
Exploits1References3
CVE
CVE
added 2023/06/07 1:51 a.m.46 views

CVE-2020-36726

The CVE concerns WordPress plugin “The Ultimate Reviews” (WordPress) with a PHP Object Injection vulnerability in versions up to and including 2.1.32, caused by deserialization of untrusted input in several vulnerable functions. The issue allows unauthenticated attackers to inject a PHP object; n...

9.8CVSS9.6AI score0.01566EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/06/07 1:51 a.m.27 views

CVE-2020-36726 Ultimate Reviews < 2.1.33 - PHP Object Injection

The Ultimate Reviews plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.1.32 via deserialization of untrusted input in several vulnerable functions. This allows unauthenticated attackers to inject a PHP Object. No POP chain is present in the vulnerable...

9.8CVSS9.7AI score0.01566EPSS
Exploits1References3
Rows per page
Query Builder