2 matches found
CVE-2023-28667
CVE-2023-28667 centers on the Lead Generated WordPress Plugin (version
CVE-2023-28667
The Lead Generated WordPress Plugin, version = 1.23, was affected by an unauthenticated insecure deserialization issue. The tvelabels parameter of the tveapiformsubmit action is passed to the PHP unserialize function without being sanitized or verified, and as a result could lead to PHP object...