Lucene search
K

4 matches found

CVE
CVE
added 2024/05/09 11:36 a.m.80 views

CVE-2024-29800

CVE-2024-29800 describes a PHAR deserialization vulnerability in Timber WordPress Timber plugin <= 1.23.0. The flaw arises from unvalidated inputs in the Timber run/toJpg.php path, allowing deserialization via phar:// and potentially remote code execution when attackers upload crafted files an...

8CVSS7.7AI score0.00454EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/09 11:36 a.m.44 views

CVE-2024-29800 WordPress Timber plugin <= 1.23.0 - Deserialization of untrusted data vulnerability

Deserialization of Untrusted Data vulnerability in Timber Team & Contributors Timber.This issue affects Timber: from n/a through 1.23.0...

8CVSS8.1AI score0.00454EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/05/07 12:0 a.m.13 views

WordPress Timber Plugin <= 1.23.0 is vulnerable to Deserialization of untrusted data

Software Timber Type Plugin Vulnerable versions = 1.23.0 Fixed in 1.23.1 OWASP Top 10 A3: Injection Classification Deserialization of untrusted data CVE CVE-2024-29800 Patch priority Low CVSS severity Low 8 Developer Claim ownership PSID efbf64c823fc Credits Trình Vũ Sonicrrrr from VNPT-VCI...

8CVSS6.8AI score0.00454EPSS
Exploits0References2Affected Software1
Circl
Circl
added 2024/04/11 8:29 p.m.8 views

CVE-2024-29800

creationtimestamp| type| source ---|---|--- 2024-04-11 20:29:44+00:00| published-proof-of-concept| https://github.com/timber/timber/security/advisories/GHSA-6363-v5m4-fvq3...

8CVSS7.2AI score0.00454EPSS
Exploits0References1
Rows per page
Query Builder