2 matches found
CVE-2024-1951 Logo Showcase Ultimate – Logo Carousel, Logo Slider & Logo Grid <= 1.3.8 - Authenticated(Contributor+) PHP Object Injection
The Logo Showcase Ultimate – Logo Carousel, Logo Slider & Logo Grid plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.3.8 via deserialization via shortcode of untrusted input. This makes it possible for authenticated attackers, with contributor...
WordPress Logo Showcase Ultimate – Logo Carousel, Logo Slider & Logo Grid Plugin <= 1.3.8 is vulnerable to PHP Object Injection
Software Logo Showcase Ultimate – Logo Carousel, Logo Slider & Logo Grid Type Plugin Vulnerable versions = 1.3.8 Fixed in 1.3.9 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-1951 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 5b1fd4bab381...