2 matches found
CVE-2024-2006
CVE-2024-2006 affects the WordPress plugin Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget, up to version 1.6.7. Description: PHP Object Injection via deserialization of untrusted input in outpost_shortcode_metabox_markup, exploitable by authenticated us...
WordPress Post Grid, Slider & Carousel Ultimate Plugin <= 1.6.7 is vulnerable to PHP Object Injection
Software Post Grid, Slider & Carousel Ultimate Type Plugin Vulnerable versions = 1.6.7 Fixed in 1.6.8 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-2006 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID ef206ea07872 Credits Francesco Carlucci...