4 matches found
CVE-2025-2332
The Export All Posts, Products, Orders, Refunds & Users plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.13 via deserialization of untrusted input in the 'returnMetaValueAsCustomerInput' function. This makes it possible for unauthenticated attacke...
CVE-2025-2332
creationtimestamp| type| source ---|---|--- 2025-03-27 06:40:12+00:00| seen| https://bsky.app/profile/cyberalerts.bsky.social/post/3lldowwbk252g 2025-03-27 07:30:19+00:00| published-proof-of-concept| Telegram/nXpxTUnuiIyQonR7LnQBkLEoYc0D4Dc9ELBHZOgfYe7uvjo 2025-03-27 08:17:33+00:00| seen|...
CVE-2025-2332 Export All Posts, Products, Orders, Refunds & Users <= 2.13 - Unauthenticated PHP Object Injection
The Export All Posts, Products, Orders, Refunds & Users plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.13 via deserialization of untrusted input in the 'returnMetaValueAsCustomerInput' function. This makes it possible for unauthenticated attacke...
CVE-2025-2332 Export All Posts, Products, Orders, Refunds & Users <= 2.13 - Unauthenticated PHP Object Injection
The Export All Posts, Products, Orders, Refunds & Users plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.13 via deserialization of untrusted input in the 'returnMetaValueAsCustomerInput' function. This makes it possible for unauthenticated attacke...