Lucene search
+L

4 matches found

redhatcve
redhatcve
added 2025/02/05 9:59 a.m.10 views

CVE-2024-3070

The Last Viewed Posts by WPBeginner plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.0 via deserialization of untrusted input from the LastViewedPosts Cookie. This makes it possible for unauthenticated attackers to inject a PHP Object. No known...

9.8CVSS7.3AI score0.01158EPSS
Exploits0References1
cvelist
cvelist
added 2024/05/09 8:3 p.m.27 views

CVE-2024-3070 Last Viewed Posts by WPBeginner <= 1.0.0 - Unauthenticated PHP Object Injection

The Last Viewed Posts by WPBeginner plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.0 via deserialization of untrusted input from the LastViewedPosts Cookie. This makes it possible for unauthenticated attackers to inject a PHP Object. No known...

9.8CVSS9.9AI score0.01158EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2024/05/09 8:3 p.m.29 views

CVE-2024-3070 Last Viewed Posts by WPBeginner <= 1.0.0 - Unauthenticated PHP Object Injection

The Last Viewed Posts by WPBeginner plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.0 via deserialization of untrusted input from the LastViewedPosts Cookie. This makes it possible for unauthenticated attackers to inject a PHP Object. No known...

9.8CVSS7.4AI score0.01158EPSS
Exploits0References2
patchstack
patchstack
added 2024/05/03 12:0 a.m.12 views

WordPress Last Viewed Posts by WPBeginner Plugin <= 1.0.0 is vulnerable to PHP Object Injection

Software Last Viewed Posts by WPBeginner Type Plugin Vulnerable versions = 1.0.0 Fixed in 1.0.1 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-3070 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 1e1e21bf8373 Credits Francesco Carlucci Requir...

9.8CVSS6.8AI score0.01158EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder