Lucene search
K

4 matches found

Patchstack
Patchstack
added 2024/08/26 12:0 a.m.10 views

WordPress Image Hotspot by DevVN Plugin <= 1.2.5 is vulnerable to PHP Object Injection

Software Image Hotspot by DevVN Type Plugin Vulnerable versions = 1.2.5 Fixed in 1.2.6 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-7656 Patch priority Medium CVSS severity Medium 8 Developer Claim ownership PSID 9842e20a2259 Credits Lucio Sá Required privilege Auth...

8.8CVSS6.8AI score0.00783EPSS
Exploits0References3Affected Software1
Circl
Circl
added 2024/08/24 2:52 p.m.5 views

CVE-2024-7656

creationtimestamp| type| source ---|---|--- 2024-08-24 14:52:27+00:00| seen| https://t.me/cvedetector/4056...

8.8CVSS4.8AI score0.00783EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/24 11:36 a.m.12 views

CVE-2024-7656 Image Hotspot by DevVN <= 1.2.5 - Authenticated (Author+) PHP Object Injection

The Image Hotspot by DevVN plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.2.5 via deserialization of untrusted input in the 'devvnihotspotshortcodefunc' function. This makes it possible for authenticated attackers, with Author-level access and...

8.8CVSS7.2AI score0.00783EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/08/24 11:36 a.m.30 views

CVE-2024-7656 Image Hotspot by DevVN <= 1.2.5 - Authenticated (Author+) PHP Object Injection

The Image Hotspot by DevVN plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.2.5 via deserialization of untrusted input in the 'devvnihotspotshortcodefunc' function. This makes it possible for authenticated attackers, with Author-level access and...

8.8CVSS0.00783EPSS
Exploits0References3
Rows per page
Query Builder