4 matches found
CVE-2024-37502
Deserialization of Untrusted Data vulnerability in wpweb WooCommerce Social Login woo-social-login.This issue affects WooCommerce Social Login: from n/a through = 2.6.3...
CVE-2024-37502 WordPress Social Login plugin <= 2.6.3 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in wpweb WooCommerce Social Login.This issue affects WooCommerce Social Login: from n/a through 2.6.3...
CVE-2024-37502
CVE-2024-37502 affects the WooCommerce – Social Login plugin for WordPress, with affected versions up to 2.6.3. The vulnerability is described in the connected Wordfence entry as an unauthenticated PHP Object Injection resulting from deserialization of untrusted data. Impact is described as high ...
WordPress WooCommerce Social Login Plugin <= 2.6.3 is vulnerable to PHP Object Injection
Software WooCommerce Social Login Type Plugin Vulnerable versions = 2.6.3 Fixed in 2.7.0 OWASP Top 10 A5: Security Misconfiguration Classification PHP Object Injection CVE CVE-2024-37502 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID 642655a733d8 Credits Ananda Dhak...