4 matches found
CVE-2022-3335
The Kadence WooCommerce Email Designer WordPress plugin before 1.5.7 unserialises the content of an imported file, which could lead to PHP object injections issues when an admin import intentionally or not a malicious file and a suitable gadget chain is present on the blog...
WordPress Kadence WooCommerce Email Designer Plugin < 1.5.7 PHP Object Injection Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:kadencewp:kadencewoocommerceemaildesigner"; ifdescription...
CVE-2022-3335
The CVE-2022-3335 entry concerns the Kadence WooCommerce Email Designer WordPress plugin, affected versions prior to 1.5.7. The root cause is the unserialization of the content of an imported file, which can enable PHP object injection when an admin imports a malicious file and a suitable gadget ...
CVE-2022-3335 Kadence WooCommerce Email Designer < 1.5.7 - Admin+ PHP Objection Injection
The Kadence WooCommerce Email Designer WordPress plugin before 1.5.7 unserialises the content of an imported file, which could lead to PHP object injections issues when an admin import intentionally or not a malicious file and a suitable gadget chain is present on the blog...