Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 5:29 a.m.6 views

CVE-2024-1772

The Play.ht – Make Your Blog Posts Accessible With Text to Speech Audio plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.6.4 via deserialization of untrusted input from the playpodcastdata post meta. This makes it possible for authenticated...

8.8CVSS7.1AI score0.0099EPSS
Exploits0References1
OSV
OSV
added 2024/03/13 4:15 p.m.5 views

CVE-2024-1772

The Play.ht – Make Your Blog Posts Accessible With Text to Speech Audio plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.6.4 via deserialization of untrusted input from the playpodcastdata post meta. This makes it possible for authenticated...

8.8CVSS6AI score0.0099EPSS
Exploits0References2
CVE
CVE
added 2024/03/13 3:27 p.m.52 views

CVE-2024-1772

The CVE-2024-1772 entry concerns the Play.ht – Make Your Blog Posts Accessible With Text to Speech Audio WordPress plugin (versions up to and including 3.6.4). It describes a PHP Object Injection via deserialization of untrusted input from the play_podcast_data post meta, exploitable by authentic...

8.8CVSS9AI score0.0099EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/02/23 12:0 a.m.11 views

WordPress Play.ht Plugin <= 3.6.4 is vulnerable to PHP Object Injection

Software Play.ht Type Plugin Vulnerable versions = 3.6.4 Fixed in N/A OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-1772 Patch priority Medium CVSS severity Medium 8.5 Developer Claim ownership PSID 571b81755147 Credits Francesco Carlucci Required privilege Contribut...

8.8CVSS6.8AI score0.0099EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder