4 matches found
CVE-2022-4680 Revive Old Posts – Social Media Auto Post and Scheduling Plugin < 9.0.11 - PHP Object Injection
The Revive Old Posts WordPress plugin before 9.0.11 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...
CVE-2022-4680 Revive Old Posts – Social Media Auto Post and Scheduling Plugin < 9.0.11 - PHP Object Injection
The Revive Old Posts WordPress plugin before 9.0.11 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...
CVE-2022-4680
The CVE-2022-4680 entry concerns the WordPress plugin Revive Old Posts up to version 9.0.10, which unserializes user input from settings, enabling PHP Object Injection when a suitable gadget is present and an administrator can trigger it. Affected version is before 9.0.11; the issue is mitigated ...
WordPress Revive Old Posts Plugin < 9.0.11 is vulnerable to PHP Object Injection
Software Revive Old Posts Type Plugin Vulnerable versions 9.0.11 Fixed in 9.0.11 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2022-4680 Patch priority Low CVSS severity Low 4.4 Developer Claim ownership PSID a37521b3e635 Credits Nguyen Huu Do Required privilege...