5 matches found
CVE-2023-2288
The Otter WordPress plugin before 2.2.6 does not sanitize some user-controlled file paths before performing file operations on them. This leads to a PHAR deserialization vulnerability on PHP 8.0 using the phar:// stream wrapper...
CVE-2023-2288
The Otter WordPress plugin before 2.2.6 does not sanitize some user-controlled file paths before performing file operations on them. This leads to a PHAR deserialization vulnerability on PHP 8.0 using the phar:// stream wrapper...
CVE-2023-2288 Otter - Gutenberg Blocks < 2.2.6 - Author+ PHAR Deserialization
The Otter WordPress plugin before 2.2.6 does not sanitize some user-controlled file paths before performing file operations on them. This leads to a PHAR deserialization vulnerability on PHP 8.0 using the phar:// stream wrapper...
CVE-2023-2288
CVE-2023-2288 affects Otter – Gutenberg Blocks (WordPress) versions before 2.2.6. The root cause is unsanitized user-controlled file paths used in file operations, enabling PHAR deserialization via the phar:// stream wrapper on PHP
WordPress Otter - Gutenberg Block Plugin < 2.2.6 is vulnerable to PHP Object Injection
Software Otter - Gutenberg Block Type Plugin Vulnerable versions 2.2.6 Fixed in 2.2.6 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2023-2288 Patch priority High CVSS severity High 6.6 Developer Claim ownership PSID a3cf96ddaa2b Credits Alex Sanford Required privilege...