2 matches found
Wordfence Intelligence CE Weekly Vulnerability Report (Feb 6, 2023 to Feb 12, 2023)
In case you missed it, Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence Community Edition. This database is continuously updated, maintained, and populated by Wordfences highly...
CVE-2022-3568
CVE-2022-3568 affects the ImageMagick Engine WordPress plugin (versions up to and including 1.7.5). The vulnerability enables CSRF and deserialization of untrusted input via the cli_path parameter, potentially allowing PHAR-deserialization when a suitable gadget chain exists and a serialized payl...