4 matches found
CVE-2024-4733
CVE-2024-4733 affects ShiftController Employee Shift Scheduling WordPress plugin. Some versions up to 4.9.57 are vulnerable to PHP Object Injection via deserialization of untrusted input in the hc3_session cookie, exploitable by an authenticated attacker with contributor+ privileges to inject a P...
CVE-2024-4733 ShiftController Employee Shift Scheduling <= 4.9.57 - Authenticated (Contributor+) PHP Object Injection
The ShiftController Employee Shift Scheduling plugin is vulnerable to PHP Object Injection via deserialization of untrusted input via the hc3session-cookie in versions up to, and including, 4.9.57. This makes it possible for an authenticated attacker with contributor access-level or above to inje...
CVE-2024-4733 ShiftController Employee Shift Scheduling <= 4.9.57 - Authenticated (Contributor+) PHP Object Injection
The ShiftController Employee Shift Scheduling plugin is vulnerable to PHP Object Injection via deserialization of untrusted input via the hc3session-cookie in versions up to, and including, 4.9.57. This makes it possible for an authenticated attacker with contributor access-level or above to inje...
WordPress plugin ShiftController Employee Shift Scheduling 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...