5 matches found
CVE-2024-12600
The Custom Product Tabs Lite for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.9.0 via deserialization of untrusted input from the 'frswooproducttabs' parameter. This makes it possible for authenticated attackers, with Shop...
CVE-2024-12600
The Custom Product Tabs Lite for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.9.0 via deserialization of untrusted input from the 'frswooproducttabs' parameter. This makes it possible for authenticated attackers, with Shop...
CVE-2024-12600
creationtimestamp| type| source ---|---|--- 2025-01-25 06:46:35+00:00| seen| https://infosec.exchange/users/cve/statuses/113887647773020346 2025-01-25 07:05:17+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/3049...
CVE-2024-12600 Custom Product Tabs Lite for WooCommerce <= 1.9.0 - Authenticated (Shop Manager+) PHP Object Injection
The Custom Product Tabs Lite for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.9.0 via deserialization of untrusted input from the 'frswooproducttabs' parameter. This makes it possible for authenticated attackers, with Shop...
CVE-2024-12600
CVE-2024-12600 affects the WordPress plugin Custom Product Tabs Lite for WooCommerce (all versions up to 1.9.0). Root cause: PHP Object Injection via deserialization of untrusted input from the frs_woo_product_tabs parameter. Impact per sources: authenticated attackers with Shop Manager level or ...