3 matches found
CVE-2024-31277 WordPress Product Designer plugin <= 1.0.32 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in PickPlugins Product Designer.This issue affects Product Designer: from n/a through 1.0.32...
CVE-2024-31277
CVE-2024-31277 affects PickPlugins Product Designer (WordPress plugin) up to version 1.0.32. Root cause: Deserialization of untrusted data leading to unauthenticated PHP Object Injection. Impact: potential compromise of data integrity and confidentiality as indicated by CVSS, with unauthenticated...
WordPress Product Designer Plugin <= 1.0.32 is vulnerable to PHP Object Injection
Software Product Designer Type Plugin Vulnerable versions = 1.0.32 Fixed in 1.0.33 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-31277 Patch priority High CVSS severity High 8.7 Developer Claim ownership PSID c28d30a48452 Credits Yudistira Arya Required privilege...