WordPress Plugin BuddyPress WooCommerce My Account Integration 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

Tourfic < 2.11.19 - Authenticated (Subscriber+) PHP Object Injection

Description The Tourfic – Ultimate Hotel Booking, Travel Booking & Apartment Booking WordPress Plugin | WooCommerce Booking plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.11.17 via deserialization of untrusted input . This makes it possible for...

BuddyPress WooCommerce My Account Integration. Create WooCommerce Member Pages < 3.4.21 - Authenticated (Subscriber+) PHP Object Injection in get_simple_request

Description The "BuddyPress WooCommerce My Account Integration. Create WooCommerce Member Pages" plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.4.20 via deserialization of untrusted input in the getsimplerequest function. This makes it possible...

PT-2024-18637 · WordPress · Buddypress Woocommerce My Account Integration

Name of the Vulnerable Software and Affected Versions: BuddyPress WooCommerce My Account Integration. Create WooCommerce Member Pages plugin for WordPress versions up to, and including, 3.4.20 Description: The issue concerns PHP Object Injection via deserialization of untrusted input in the get...

CVE-2024-27985 WordPress PropertyHive plugin <= 2.0.9 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in PropertyHive.This issue affects PropertyHive: from n/a through 2.0.9...

CVE-2024-27985 WordPress PropertyHive plugin <= 2.0.9 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in PropertyHive.This issue affects PropertyHive: from n/a through 2.0.9...

CVE-2024-2721 WordPress Social Media Share Buttons plugin <= 2.1.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Social Media Share Buttons By Sygnoos Social Media Share Buttons.This issue affects Social Media Share Buttons: from n/a through 2.1.0...

CVE-2024-2721 WordPress Social Media Share Buttons plugin <= 2.1.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Social Media Share Buttons By Sygnoos Social Media Share Buttons.This issue affects Social Media Share Buttons: from n/a through 2.1.0...

WordPress Social Media Share Buttons Plugin <= 2.1.0 is vulnerable to PHP Object Injection

Software Social Media Share Buttons Type Plugin Vulnerable versions = 2.1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-2721 Patch priority High CVSS severity High 8.2 Developer Claim ownership PSID 6b7330720e7c Credits Dimas Maulana Required privilege...

PropertyHive < 2.0.10 - Authenticated (Subscriber+) PHP Object Injection

Description The PropertyHive plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.0.9 via deserialization of untrusted input through the 'body' parameter. This makes it possible for attackers, with subscriber-level access and above, to inject a PHP...

CVE-2024-29136 WordPress Tourfic plugin <= 2.11.17 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.17...

CVE-2024-29136 WordPress Tourfic plugin <= 2.11.17 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.17...

WordPress Simple Job Board Plugin <= 2.11.0 is vulnerable to PHP Object Injection

Software Simple Job Board Type Plugin Vulnerable versions = 2.11.0 Fixed in 2.11.1 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-1813 Patch priority High CVSS severity High 9 Developer Claim ownership PSID 0f7bf0484277 Credits Francesco Carlucci Required privilege...

CVE-2024-1685

The Social Media Share Buttons plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.1.0 via deserialization of untrusted input through the attachmentUrl parameter. This makes it possible for authenticated attackers, with subscriber-level access and...

CVE-2024-1685 Social Media Share Buttons <= 2.1.0 - Authenticated (Subscriber+) PHP Object Injection

The Social Media Share Buttons plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.1.0 via deserialization of untrusted input through the attachmentUrl parameter. This makes it possible for authenticated attackers, with subscriber-level access and...

CVE-2024-1685 Social Media Share Buttons <= 2.1.0 - Authenticated (Subscriber+) PHP Object Injection

The Social Media Share Buttons plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.1.0 via deserialization of untrusted input through the attachmentUrl parameter. This makes it possible for authenticated attackers, with subscriber-level access and...

CVE-2024-1685

CVE-2024-1685 affects the Social Media Share Buttons plugin for WordPress. It is vulnerable to PHP Object Injection in all versions up to 2.1.0 via deserialization of untrusted input through the attachmentUrl parameter. Authenticated attackers with subscriber-level access or higher can inject a P...

WordPress Plugin Social Media Share Buttons Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

PT-2024-18329 · WordPress · Simple Job Board

Name of the Vulnerable Software and Affected Versions: The Simple Job Board plugin for WordPress versions up to, and including, 2.11.0 Description: The issue is related to PHP Object Injection via deserialization of untrusted input in the job board applicant list columns value function. This allo...

Social Media Share Buttons <= 2.1.0 - Authenticated (Subscriber+) PHP Object Injection

Description The Social Media Share Buttons plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.1.0 via deserialization of untrusted input through the attachmentUrl parameter. This makes it possible for authenticated attackers, with subscriber-level...