Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:7 p.m.8 views

CVE-2022-3366

The PublishPress Capabilities WordPress plugin before 2.5.2, PublishPress Capabilities Pro WordPress plugin before 2.5.2 unserializes the content of imported files, which could lead to PHP object injection attacks by administrators, on multisite WordPress configurations. Successful exploitation i...

7.2CVSS6.9AI score0.01126EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2022/11/01 12:0 a.m.16 views

WordPress PublishPress Capabilities Plugin < 2.5.2 PHP Objection Injection Vulnerability

The WordPress plugin Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

7.2CVSS7.1AI score0.01126EPSS
Exploits2References1
NVD
NVD
added 2022/10/31 4:15 p.m.19 views

CVE-2022-3366

The PublishPress Capabilities WordPress plugin before 2.5.2, PublishPress Capabilities Pro WordPress plugin before 2.5.2 unserializes the content of imported files, which could lead to PHP object injection attacks by administrators, on multisite WordPress configurations. Successful exploitation i...

7.2CVSS0.01126EPSS
Exploits2References1
CVE
CVE
added 2022/10/31 12:0 a.m.64 views

CVE-2022-3366

The CVE concerns the WordPress plugins PublishPress Capabilities (before 2.5.2) and PublishPress Capabilities Pro (before 2.5.2). The issue is a PHP object injection risk arising from unserializing the content of imported files in multisite configurations, as described in the CVE entry. Exploitat...

7.2CVSS7AI score0.01126EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/10/31 12:0 a.m.6 views

CVE-2022-3366 PublishPress Capabilities < 2.5.2 - Admin+ PHP Objection Injection

The PublishPress Capabilities WordPress plugin before 2.5.2, PublishPress Capabilities Pro WordPress plugin before 2.5.2 unserializes the content of imported files, which could lead to PHP object injection attacks by administrators, on multisite WordPress configurations. Successful exploitation i...

6.9AI score0.01126EPSS
Exploits2References1
Cvelist
Cvelist
added 2022/10/31 12:0 a.m.26 views

CVE-2022-3366 PublishPress Capabilities < 2.5.2 - Admin+ PHP Objection Injection

The PublishPress Capabilities WordPress plugin before 2.5.2, PublishPress Capabilities Pro WordPress plugin before 2.5.2 unserializes the content of imported files, which could lead to PHP object injection attacks by administrators, on multisite WordPress configurations. Successful exploitation i...

7.2AI score0.01126EPSS
Exploits2References1
Rows per page
Query Builder