5 matches found
CVE-2024-52440
Deserialization of Untrusted Data vulnerability in xpresslane Xpresslane Fast Checkout xpresslane-integration-for-woocommerce allows Object Injection.This issue affects Xpresslane Fast Checkout: from n/a through = 1.0.0...
CVE-2024-52440
Deserialization of Untrusted Data vulnerability in xpresslane Xpresslane Fast Checkout xpresslane-integration-for-woocommerce allows Object Injection.This issue affects Xpresslane Fast Checkout: from n/a through = 1.0.0...
CVE-2024-52440
creationtimestamp| type| source ---|---|--- 2024-11-20 11:18:03+00:00| seen| https://infosec.exchange/users/cve/statuses/113515002771019188 2024-11-20 13:44:34+00:00| seen| https://t.me/cvedetector/11596...
CVE-2024-52440
CVE-2024-52440 is a deserialization (PHP object injection) vulnerability in the WordPress Xpresslane Fast Checkout plugin. It affects versions up to and including 1.0.0 and stems from deserializing untrusted data, enabling object injection. The CVE entry is supported by multiple sources (NVD/Red ...
WordPress Xpresslane Fast Checkout Plugin <= 1.0.0 is vulnerable to PHP Object Injection
Software Xpresslane Fast Checkout Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-52440 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 2eaf53da7194 Credits LVT-tholv2k Required privilege...