Lucene search
K

46 matches found

Vulnrichment
Vulnrichment
added 2023/01/30 8:31 p.m.6 views

CVE-2022-4680 Revive Old Posts – Social Media Auto Post and Scheduling Plugin < 9.0.11 - PHP Object Injection

The Revive Old Posts WordPress plugin before 9.0.11 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...

7.1AI score0.01046EPSS
Exploits2References1
CNNVD
CNNVD
added 2023/01/30 12:0 a.m.66 views

WordPress plugin Revive Old Posts 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on PHP and MySQL servers.WordPress plugin is an...

7.2CVSS7.2AI score0.01046EPSS
Exploits2References2
WPVulnDB
WPVulnDB
added 2023/01/04 12:0 a.m.17 views

Revive Old Posts – Social Media Auto Post and Scheduling Plugin < 9.0.11 - PHP Object Injection

The plugin unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present. PoC To simulate a gadget chain, put the following code in a plugin: class Evil public function wakeup : void...

7.2CVSS1.9AI score0.01046EPSS
Exploits2Affected Software1
Patchstack
Patchstack
added 2023/01/04 12:0 a.m.18 views

WordPress Revive Old Posts Plugin < 9.0.11 is vulnerable to PHP Object Injection

Software Revive Old Posts Type Plugin Vulnerable versions 9.0.11 Fixed in 9.0.11 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2022-4680 Patch priority Low CVSS severity Low 4.4 Developer Claim ownership PSID a37521b3e635 Credits Nguyen Huu Do Required privilege...

7.2CVSS6.8AI score0.01046EPSS
Exploits2References3Affected Software1
wpexploit
wpexploit
added 2023/01/04 12:0 a.m.122 views

Revive Old Posts – Social Media Auto Post and Scheduling Plugin < 9.0.11 - PHP Object Injection

The plugin unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present. To simulate a gadget chain, put the following code in a plugin: class Evil public function wakeup : void...

7.2CVSS1.1AI score0.01046EPSS
Exploits2
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.12 views

WordPress Delete old Posts automatically plugin <= 2.0.2 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Delete old Posts automatically plugin versions = 2.0.2. Solution Update the WordPress Delete old Posts automatically plugin to the latest available version at least 2.1.2...

4.1AI score
Exploits0References2Affected Software1
Rows per page
Query Builder