6 matches found
CVE-2023-3392
The Read More & Accordion WordPress plugin before 3.2.7 unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...
CVE-2023-3392
creationtimestamp| type| source ---|---|--- 2023-10-16 12:36:41+00:00| seen| https://t.me/cibsecurity/72310...
CVE-2023-3392
CVE-2023-3392 concerns the WordPress plugin Read More & Accordion, affected up to version 3.2.6.1. The issue is PHP Object Injection caused by unserializing user input in the plugin’s settings, which could be exploitable by high-privilege users (e.g., administrators) when a suitable gadget is pre...
CVE-2023-3392 Read More & Accordion < 3.2.7 - Admin+ PHP Object Injection
The Read More & Accordion WordPress plugin before 3.2.7 unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...
CVE-2023-3392 Read More & Accordion < 3.2.7 - Admin+ PHP Object Injection
The Read More & Accordion WordPress plugin before 3.2.7 unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...
WordPress Read More & Accordion Plugin <= 3.2.6.1 is vulnerable to PHP Object Injection
Software Read More & Accordion Type Plugin Vulnerable versions = 3.2.6.1 Fixed in 3.2.7 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2023-3392 Patch priority Low CVSS severity Low 6.6 Developer Claim ownership PSID c9659021e9fe Credits Do Xuan Trung Required privilege...