Lucene search
K

4 matches found

OpenVAS
OpenVAS
added 2023/09/27 12:0 a.m.8 views

WordPress Customizer Export/Import Plugin < 0.9.5 PHP Object Injection Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wpbeaverbuilder:customizerexport%2fimport"; if description...

7.2CVSS7.1AI score0.01126EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/10/31 12:0 a.m.19 views

CVE-2022-3380 Customizer Export/Import < 0.9.5 - Admin+ PHP Objection Injection

The Customizer Export/Import WordPress plugin before 0.9.5 unserializes the content of an imported file, which could lead to PHP object injection issues when an admin imports intentionally or not a malicious file and a suitable gadget chain is present on the blog...

7.3AI score0.01126EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2022/10/31 12:0 a.m.2 views

CVE-2022-3380 Customizer Export/Import < 0.9.5 - Admin+ PHP Objection Injection

The Customizer Export/Import WordPress plugin before 0.9.5 unserializes the content of an imported file, which could lead to PHP object injection issues when an admin imports intentionally or not a malicious file and a suitable gadget chain is present on the blog...

7.1AI score0.01126EPSS
Exploits1References1
CVE
CVE
added 2022/10/31 12:0 a.m.55 views

CVE-2022-3380

The CVE-2022-3380 entry concerns the WordPress plugin Customizer Export/Import, affected versions prior to 0.9.5. The vulnerability arises from unserializing the content of an imported file, enabling PHP object injection if an admin imports a malicious file and a gadget chain is present on the bl...

7.2CVSS7.2AI score0.01126EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder