Lucene search
K

5 matches found

OSV
OSV
added 2023/05/30 8:15 a.m.6 views

CVE-2023-2288

The Otter WordPress plugin before 2.2.6 does not sanitize some user-controlled file paths before performing file operations on them. This leads to a PHAR deserialization vulnerability on PHP 8.0 using the phar:// stream wrapper...

8.8CVSS7.3AI score
Exploits0References1
NVD
NVD
added 2023/05/30 8:15 a.m.29 views

CVE-2023-2288

The Otter WordPress plugin before 2.2.6 does not sanitize some user-controlled file paths before performing file operations on them. This leads to a PHAR deserialization vulnerability on PHP 8.0 using the phar:// stream wrapper...

8.8CVSS8.6AI score0.17973EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/05/30 7:49 a.m.10 views

CVE-2023-2288 Otter - Gutenberg Blocks < 2.2.6 - Author+ PHAR Deserialization

The Otter WordPress plugin before 2.2.6 does not sanitize some user-controlled file paths before performing file operations on them. This leads to a PHAR deserialization vulnerability on PHP 8.0 using the phar:// stream wrapper...

7AI score0.17973EPSS
Exploits2References1
CVE
CVE
added 2023/05/30 7:49 a.m.104 views

CVE-2023-2288

CVE-2023-2288 affects Otter – Gutenberg Blocks (WordPress) versions before 2.2.6. The root cause is unsanitized user-controlled file paths used in file operations, enabling PHAR deserialization via the phar:// stream wrapper on PHP

8.8CVSS8.6AI score0.17973EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2023/05/08 12:0 a.m.12 views

WordPress Otter - Gutenberg Block Plugin < 2.2.6 is vulnerable to PHP Object Injection

Software Otter - Gutenberg Block Type Plugin Vulnerable versions 2.2.6 Fixed in 2.2.6 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2023-2288 Patch priority High CVSS severity High 6.6 Developer Claim ownership PSID a3cf96ddaa2b Credits Alex Sanford Required privilege...

8.8CVSS6.8AI score0.17973EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder