Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:12 a.m.9 views

CVE-2023-3392

The Read More & Accordion WordPress plugin before 3.2.7 unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...

7.2CVSS7.1AI score0.00783EPSS
Exploits2References1
Circl
Circl
added 2023/10/16 12:36 p.m.6 views

CVE-2023-3392

creationtimestamp| type| source ---|---|--- 2023-10-16 12:36:41+00:00| seen| https://t.me/cibsecurity/72310...

7.2CVSS7.5AI score0.00783EPSS
Exploits2References1
CVE
CVE
added 2023/10/16 8:32 a.m.65 views

CVE-2023-3392

CVE-2023-3392 concerns the WordPress plugin Read More & Accordion, affected up to version 3.2.6.1. The issue is PHP Object Injection caused by unserializing user input in the plugin’s settings, which could be exploitable by high-privilege users (e.g., administrators) when a suitable gadget is pre...

7.2CVSS7.2AI score0.00783EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/16 8:32 a.m.12 views

CVE-2023-3392 Read More & Accordion < 3.2.7 - Admin+ PHP Object Injection

The Read More & Accordion WordPress plugin before 3.2.7 unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...

7.2AI score0.00783EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/10/16 8:32 a.m.27 views

CVE-2023-3392 Read More & Accordion < 3.2.7 - Admin+ PHP Object Injection

The Read More & Accordion WordPress plugin before 3.2.7 unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...

7.4AI score0.00783EPSS
Exploits2References1
Patchstack
Patchstack
added 2023/09/13 12:0 a.m.13 views

WordPress Read More & Accordion Plugin <= 3.2.6.1 is vulnerable to PHP Object Injection

Software Read More & Accordion Type Plugin Vulnerable versions = 3.2.6.1 Fixed in 3.2.7 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2023-3392 Patch priority Low CVSS severity Low 6.6 Developer Claim ownership PSID c9659021e9fe Credits Do Xuan Trung Required privilege...

7.2CVSS7.2AI score0.00783EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder