CVE-2022-2440

The Theme Editor plugin for WordPress is vulnerable to deserialization of untrusted input via the 'imagesarray' parameter in versions up to, and including 2.8. This makes it possible for authenticated attackers with administrative privileges to call files using a PHAR wrapper that will deserializ...

CVE-2022-2440

The Theme Editor plugin for WordPress is vulnerable to deserialization of untrusted input via the 'imagesarray' parameter in versions up to, and including 2.8. This makes it possible for authenticated attackers with administrative privileges to call files using a PHAR wrapper that will deserializ...

WordPress plugin Theme Editor 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Theme Edit...

PT-2024-11529 · WordPress · Theme Editor

Name of the Vulnerable Software and Affected Versions: Theme Editor plugin for WordPress versions up to, and including 2.8 Description: The Theme Editor plugin for WordPress is vulnerable to deserialization of untrusted input via the images array parameter. This makes it possible for authenticate...