
23 matches found

OpenVAS
added 2022/11/07 12:0 a.m. | 17 views

WordPress Ocean Extra Plugin < 2.0.5 PHP Objection Injection Vulnerability

The WordPress plugin...

CVSS 7.2 | AI score 7 | EPSS 0.00908
Exploits: 2 | References: 1

OpenVAS
added 2022/11/01 12:0 a.m. | 15 views

WordPress PublishPress Capabilities Plugin < 2.5.2 PHP Objection Injection Vulnerability

The WordPress plugin...

CVSS 7.2 | AI score 7.1 | EPSS 0.00901
Exploits: 2 | References: 1

wpexploit
added 2022/10/10 12:0 a.m. | 572 views

Ocean Extra < 2.0.5 - Admin+ PHP Objection Injection

The plugin unserialises the content of an imported file, which could lead to PHP object injection issues when a high-privilege user imports, intentionally or not, a malicious Customizer Styling file and a suitable gadget chain is present on the blog. To simulate a gadget chain, put the following co...

CVSS 7.2 | AI score 0.4 | EPSS 0.00908
Exploits: 2

Patchstack
added 2022/10/10 12:0 a.m. | 11 views

WordPress Easy WP SMTP plugin <= 1.4.9 - Auth. PHP Objection Injection vulnerability

Auth. PHP Objection Injection vulnerability discovered by Nguyen Duy Quoc Khanh in WordPress Easy WP SMTP plugin versions <= 1.4.9. Solution: Update the WordPress Easy WP SMTP plugin to the latest available version (at least 1.5.0)...

CVSS 7.2 | AI score 1.6 | EPSS 0.00901
Exploits: 2 | References: 1 | Affected Software: 1

Patchstack
added 2022/10/10 12:0 a.m. | 15 views

WordPress PublishPress Capabilities plugin <= 2.5.1 - Auth. PHP Objection Injection vulnerability

Auth. PHP Objection Injection vulnerability discovered by Nguyen Pham Viet Nam in WordPress PublishPress Capabilities plugin versions <= 2.5.1. Solution: Update the WordPress PublishPress Capabilities plugin to the latest available version (at least 2.5.2)...

CVSS 7.2 | AI score 2.5 | EPSS 0.00901
Exploits: 2 | References: 1 | Affected Software: 1

WPVulnDB
added 2022/10/10 12:0 a.m. | 15 views

PublishPress Capabilities < 2.5.2 - Admin+ PHP Objection Injection

The plugin unserializes the content of imported files, which could lead to PHP object injection attacks by administrators, on multisite WordPress configurations. Successful exploitation in this case requires other plugins with a suitable gadget chain to be present on the site. PoC: To simulate a...

CVSS 7.2 | AI score 0.3 | EPSS 0.00901
Exploits: 2 | Affected Software: 2

Patchstack
added 2022/10/10 12:0 a.m. | 129 views

WordPress Ocean Extra plugin <= 2.0.4 - Auth. PHP Objection Injection vulnerability

Auth. PHP Objection Injection vulnerability discovered by Nguyen Duy Quoc Khanh in the WordPress Ocean Extra plugin versions <= 2.0.4. Solution: Update the WordPress Ocean Extra plugin to the latest available version (at least 2.0.5)...

CVSS 7.2 | AI score 3.2 | EPSS 0.00908
Exploits: 2 | References: 1 | Affected Software: 1

Patchstack
added 2022/10/06 12:0 a.m. | 17 views

WordPress Customizer Export/Import plugin <= 0.9.4 - Authenticated PHP Objection Injection vulnerability

Authenticated PHP Objection Injection vulnerability discovered by Nguyen Duy Quoc Khanh in the WordPress Customizer Export/Import plugin versions <= 0.9.4. Solution: Update the WordPress Customizer Export/Import plugin to the latest available version (at least 0.9.5)...

CVSS 7.2 | AI score 2.5 | EPSS 0.00991
Exploits: 1 | References: 1 | Affected Software: 1

Patchstack
added 2022/10/03 12:0 a.m. | 51 views

WordPress Kadence WooCommerce Email Designer plugin <= 1.5.6 - Authenticated PHP Objection Injection vulnerability

Authenticated PHP Objection Injection vulnerability discovered by Nguyen Duy Quoc Khanh in WordPress Kadence WooCommerce Email Designer plugin versions <= 1.5.6. Solution: Update the WordPress Kadence WooCommerce Email Designer plugin to the latest available version (at least 1.5.7)...

CVSS 7.2 | AI score 2.9 | EPSS 0.00901
Exploits: 2 | References: 1 | Affected Software: 1

Patchstack
added 2022/09/05 12:0 a.m. | 18 views

WordPress NinjaForms plugin <= 3.6.12 - Authenticated PHP Objection Injection vulnerability

Authenticated PHP Objection Injection vulnerability discovered by Alessio Santoru in WordPress NinjaForms plugin versions <= 3.6.12. Solution: Update the WordPress Ninja Forms plugin to the latest available version (at least 3.6.13)...

CVSS 7.2 | AI score 2.9 | EPSS 0.00825
Exploits: 2 | References: 1 | Affected Software: 1

wpexploit
added 2022/09/05 12:0 a.m. | 463 views

NinjaForms < 3.6.13 - Admin+ PHP Objection Injection

The plugin unserialises the content of an imported file, which could lead to PHP object injection issues when an admin imports, intentionally or not, a malicious file and a suitable gadget chain is present on the blog. To simulate a gadget chain, put the following code in a plugin class Evil public...

CVSS 7.2 | AI score 0.3 | EPSS 0.00825
Exploits: 2

OSV
added 2019/12/31 6:15 p.m. | 12 views

CVE-2019-14466

The GOsaFilterSettings cookie in GONICUS GOsa 2.7.5.2 is vulnerable to PHP objection injection, which allows a remote authenticated attacker to perform file deletions in the context of the user account that runs the web server via a crafted cookie value, because unserialize is used to restore...

CVSS 6.5 | AI score 6.3
Exploits: 0 | References: 2

UbuntuCve
added 2019/12/31 6:15 p.m. | 28 views

CVE-2019-14466

The GOsaFilterSettings cookie in GONICUS GOsa 2.7.5.2 is vulnerable to PHP objection injection, which allows a remote authenticated attacker to perform file deletions in the context of the user account that runs the web server via a crafted cookie value, because unserialize is used to restore...

CVSS 6.5 | AI score 7 | EPSS 0.00226
Exploits: 0 | References: 5

Prion
added 2019/12/31 6:15 p.m. | 15 views

Design/Logic Flaw

The GOsaFilterSettings cookie in GONICUS GOsa 2.7.5.2 is vulnerable to PHP objection injection, which allows a remote authenticated attacker to perform file deletions in the context of the user account that runs the web server via a crafted cookie value, because unserialize is used to restore...

CVSS 5.5 | AI score 6.3 | EPSS 0.00226
Exploits: 0 | References: 2 | Affected Software: 2

Debian CVE
added 2019/12/31 5:29 p.m. | 25 views

CVE-2019-14466

The GOsaFilterSettings cookie in GONICUS GOsa 2.7.5.2 is vulnerable to PHP objection injection, which allows a remote authenticated attacker to perform file deletions in the context of the user account that runs the web server via a crafted cookie value, because unserialize is used to restore...

CVSS 6.5 | AI score 7.6 | EPSS 0.00226
Exploits: 0

OpenVAS
added 2019/02/13 12:0 a.m. | 89 views

Joomla! < 3.9.3 Multiple Vulnerabilities

Joomla! is prone to multiple vulnerabilities.

CVSS 9.8 | AI score 6.7 | EPSS 0.01009
Exploits: 0 | References: 6

OSV
added 2019/02/12 6:29 p.m. | 15 views

CVE-2019-7743

An issue was discovered in Joomla! before 3.9.3. The phar:// stream wrapper can be used for objection injection attacks because there is no protection mechanism such as the TYPO3 PHAR stream wrapper to prevent use of the phar:// handler for non .phar-files...

CVSS 9.8 | AI score 7.3
Exploits: 0 | References: 2

NVD
added 2019/02/12 6:29 p.m. | 8 views

CVE-2019-7743

An issue was discovered in Joomla! before 3.9.3. The phar:// stream wrapper can be used for objection injection attacks because there is no protection mechanism such as the TYPO3 PHAR stream wrapper to prevent use of the phar:// handler for non .phar-files...

CVSS 9.8 | AI score 9.6 | EPSS 0.01009
Exploits: 0 | References: 2

CVE
added 2019/02/12 6:0 p.m. | 68 views

CVE-2019-7743

Joomla! before 3.9.3 is vulnerable to an object injection via the phar:// stream wrapper due to a missing protection against using phar:// for non-.phar files. Affected component is the core Joomla! PHP handling (phar wrapper); exploitation could lead to severe impact (high/critical in CVSS terms...

CVSS 9.8 | AI score 9.4 | EPSS 0.01009
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2019/02/12 6:0 p.m. | 12 views

CVE-2019-7743

An issue was discovered in Joomla! before 3.9.3. The phar:// stream wrapper can be used for objection injection attacks because there is no protection mechanism such as the TYPO3 PHAR stream wrapper to prevent use of the phar:// handler for non .phar-files...

AI score 9.6 | EPSS 0.01009
Exploits: 0 | References: 2