3 matches found
CVE-2024-27985 WordPress PropertyHive plugin <= 2.0.9 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in PropertyHive.This issue affects PropertyHive: from n/a through 2.0.9...
CVE-2024-27985
CVE-2024-27985 : Deserialization of untrusted data in PropertyHive (WordPress) allows PHP Object Injection in versions up to 2.0.9 (authenticated as Subscriber+). Impact details per CVSS: 8.8 (HIGH) with network attack vector, no user interaction required; affects confidentiality, integrity, and ...
WordPress PropertyHive Plugin <= 2.0.9 is vulnerable to PHP Object Injection
Software PropertyHive Type Plugin Vulnerable versions = 2.0.9 Fixed in 2.0.10 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-27985 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID 245763d3996e Credits CatFather Required privilege Subscribe...