Lucene search
+L

4 matches found

Circl
Circl
added 2024/08/08 4:41 a.m.9 views

CVE-2024-7561

creationtimestamp| type| source ---|---|--- 2024-08-08 04:41:19+00:00| seen| https://t.me/cvedetector/2741...

8.8CVSS4.8AI score0.00659EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/08 1:50 a.m.21 views

CVE-2024-7561 The Next <= 1.1.0 - Authenticated (Contributor+) PHP Object Injection

The The Next theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.1.0 via deserialization of untrusted input from the wpedenpostmeta post meta value. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject...

8.8CVSS0.00659EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/08/08 1:50 a.m.10 views

CVE-2024-7561 The Next <= 1.1.0 - Authenticated (Contributor+) PHP Object Injection

The The Next theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.1.0 via deserialization of untrusted input from the wpedenpostmeta post meta value. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject...

8.8CVSS7.2AI score0.00659EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/08/07 12:0 a.m.7 views

WordPress The Next LVL Theme <= 1.1.0 is vulnerable to PHP Object Injection

Software The Next LVL Type Theme Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-7561 Patch priority Medium CVSS severity Medium 8.8 Developer Claim ownership PSID b79740b6d53a Credits Francesco Carlucci Required privilege...

8.8CVSS6.8AI score0.00659EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder