3 matches found
CVE-2022-3900
The Cooked Pro WordPress plugin before 1.7.5.7 does not properly validate or sanitize the recipeargs parameter before unserializing it in the cookedloadmore action, allowing an unauthenticated attacker to trigger a PHP Object injection vulnerability...
CVE-2022-3900 Cooked Pro < 1.7.5.7 - Unauthenticated PHP Object Injection
The Cooked Pro WordPress plugin before 1.7.5.7 does not properly validate or sanitize the recipeargs parameter before unserializing it in the cookedloadmore action, allowing an unauthenticated attacker to trigger a PHP Object injection vulnerability...
CVE-2022-3900
CVE-2022-3900 affects the Cooked Pro WordPress plugin prior to 1.7.5.7. The flaw is improper validation/sanitization of the recipe_args parameter before unserializing it in the cooked_loadmore action, enabling an unauthenticated attacker to trigger a PHP object injection. Affected: Cooked Pro Wor...