PT-2023-14182 · WordPress · The Analyticator

Name of the Vulnerable Software and Affected Versions: The Analyticator WordPress plugin versions prior to 6.5.6 Description: The issue allows high privilege users, such as admins, to perform PHP Object Injection when a suitable gadget is present. This is due to the plugin unserializing user inpu...

WordPress plugin The Analyticator 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in the...

WordPress Anti-Malware Security and Brute-Force Firewall Plugin < 4.21.86 PHP Object Injection Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Tiki Wiki CMS Groupware < 24.1 Multiple Vulnerabilities

Tiki Wiki CMS Groupware is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Tiki Wiki CMS Groupware < 24.2 PHP Object Injection Vulnerability

Tiki Wiki CMS Groupware is prone to a PHP object injection. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2023-22851

Tiki before 24.2 allows lib/importer/tikiimporterblogwordpress.php PHP Object Injection by an admin because of an unserialize call...

CVE-2023-22850

Tiki before 24.1, when the Spreadsheets feature is enabled, allows lib/sheet/grid.php PHP Object Injection because of an unserialize call...

CVE-2023-22850

Tiki before 24.1, when the Spreadsheets feature is enabled, allows lib/sheet/grid.php PHP Object Injection because of an unserialize call...

Code injection

Tiki before 24.2 allows lib/importer/tikiimporterblogwordpress.php PHP Object Injection by an admin because of an unserialize call...

Code injection

Tiki before 24.1, when the Spreadsheets feature is enabled, allows lib/sheet/grid.php PHP Object Injection because of an unserialize call...

CVE-2023-22853

Tiki before 24.1, when featurecreatewebhelp is enabled, allows lib/structures/structlib.php PHP Object Injection because of an eval...

CVE-2023-22853

Tiki before 24.1, when featurecreatewebhelp is enabled, allows lib/structures/structlib.php PHP Object Injection because of an eval...

Design/Logic Flaw

Tiki before 24.1, when featurecreatewebhelp is enabled, allows lib/structures/structlib.php PHP Object Injection because of an eval...

CVE-2023-22851

Tiki before 24.2 allows lib/importer/tikiimporterblogwordpress.php PHP Object Injection by an admin because of an unserialize call...

CVE-2023-22850

Tiki before 24.1, when the Spreadsheets feature is enabled, allows lib/sheet/grid.php PHP Object Injection because of an unserialize call...

CVE-2023-22853

Tiki before 24.1, when featurecreatewebhelp is enabled, allows lib/structures/structlib.php PHP Object Injection because of an eval...

PT-2023-18729 · Tiki · Tiki

Name of the Vulnerable Software and Affected Versions: Tiki versions prior to 24.1 Description: The issue allows PHP Object Injection in lib/structures/structlib.php due to an eval when the feature create webhelp is enabled. Recommendations: For versions prior to 24.1, update to version 24.1 or...

PT-2023-18727 · Tiki · Tiki

Name of the Vulnerable Software and Affected Versions: Tiki versions prior to 24.2 Description: The issue allows PHP Object Injection in lib/importer/tikiimporter blog wordpress.php by an admin due to an unserialize call. Recommendations: For versions prior to 24.2, update to version 24.2 or late...

CVE-2023-22853

Tiki before 24.1, when featurecreatewebhelp is enabled, allows lib/structures/structlib.php PHP Object Injection because of an eval...

PT-2023-18726 · Tiki · Tiki

Name of the Vulnerable Software and Affected Versions: Tiki versions prior to 24.1 Description: The issue allows PHP Object Injection in lib/sheet/grid.php due to an unserialize call when the Spreadsheets feature is enabled. Recommendations: For versions prior to 24.1, update to version 24.1 or...