3 matches found
CVE-2024-33641
Deserialization of Untrusted Data vulnerability in Team Yoast Custom field finder.This issue affects Custom field finder: from n/a through 0.3...
CVE-2024-33641
CVE-2024-33641 is an authenticated PHP object injection vulnerability in the WordPress plugin “Custom field finder” (affected from n/a up to and including 0.3). Exploitation requires authentication and leads to deserialization of untrusted data, with CVSS v3.1 base score 5.4 (Medium). Public refe...
WordPress Custom field finder Plugin <= 0.3 is vulnerable to PHP Object Injection
Software Custom field finder Type Plugin Vulnerable versions = 0.3 Fixed in 0.4 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-33641 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 73f25d40c87c Credits CatFather Required privilege Author...