WordPress Customizer Export/Import Plugin < 0.9.6 PHP Object Injection Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wpbeaverbuilder:customizerexport%2fimport"; if description...
Enable Media Replace < 4.1.3 - Author+ PHP Object Injection
Description The plugin unserializes user input via the Remove Background feature, which could allow Author+ users to perform PHP Object Injection when a suitable gadget is present on the blog PoC Step 1: Add the following code to the end of the file located at...
Two PHP Object Injection Vulnerabilities Fixed in Essential Blocks
On August 18, 2023, the Wordfence Threat Intelligence team initiated the responsible disclosure process for two PHP Object Injection vulnerabilities in the Essential Blocks plugin for WordPress, a plugin with over 100,000 installations. We received a response three days later and sent over our fu...
WordPress Essential Blocks 4.2.0 / Essential Blocks Pro 1.1.0 PHP Object Injection
Vulnerability Summary from Wordfence Intelligence Description: Insecure Deserialization/PHP Object Injection via queries Affected Plugin: Essential Blocks, Essential Blocks Pro Plugin slug: essential-blocks, essential-blocks-pro Vendor: WPDeveloper Affected versions: <= 4.2.0 Free and <= 1.1.0 Pro...
Weaver Xtreme Theme Support < 6.3.1 - Admin+ PHP Object Injection
Description The plugin unserialises the content of an imported file, which could lead to PHP object injection issues when a high-privilege user imports a malicious file and a suitable gadget chain is present on the blog. To simulate a gadget chain, put the following code in a plugin: class Test...
WordPress Essential Blocks 4.2.0 / Essential Blocks Pro 1.1.0 PHP Object Injection Vulnerability
Vulnerability Summary from Wordfence Intelligence Description: Insecure Deserialization/PHP Object Injection via queries Affected Plugin: Essential Blocks, Essential Blocks Pro Plugin slug: essential-blocks, essential-blocks-pro Vendor: WPDeveloper Affected versions: <= 4.2.0 Free and <= 1.1.0 Pro...
WordPress Enable Media Replace Plugin < 4.1.3 is vulnerable to PHP Object Injection
Software Enable Media Replace Type Plugin Vulnerable versions < 4.1.3 Fixed in 4.1.3 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE N/A Patch priority Low CVSS severity Low 6.6 Developer ShortPixel PSID 5d377501ce8e Credits Unknown Required privilege Editor Published 15 Septembe...
WordPress ShortPixel Image Optimizer Plugin < 5.4.2 is vulnerable to PHP Object Injection
Software ShortPixel Image Optimizer Type Plugin Vulnerable versions < 5.4.2 Fixed in 5.4.2 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE N/A Patch priority Low CVSS severity Low 6.6 Developer ShortPixel PSID 5232103a110b Credits Unknown Required privilege Editor Published 15...
WordPress Essential Blocks for Gutenberg Plugin <= 4.2.0 is vulnerable to PHP Object Injection
Software Essential Blocks for Gutenberg Type Plugin Vulnerable versions <= 4.2.0 Fixed in 4.2.1 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2023-4402 Patch priority High CVSS severity High 8.3 Developer Claim ownership PSID 12450c59ad4b Credits Marco Wotschka Required...
WordPress Essential Blocks Pro Plugin <= 1.1.0 is vulnerable to PHP Object Injection
Software Essential Blocks Pro Type Plugin Vulnerable versions <= 1.1.0 Fixed in 1.1.1 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2023-4386 Patch priority High CVSS severity High 8.3 Developer Claim ownership PSID b459be820fbe Credits Marco Wotschka Required privilege...
WordPress Read More & Accordion Plugin <= 3.2.6.1 is vulnerable to PHP Object Injection
Software Read More & Accordion Type Plugin Vulnerable versions <= 3.2.6.1 Fixed in 3.2.7 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2023-3392 Patch priority Low CVSS severity Low 6.6 Developer Claim ownership PSID c9659021e9fe Credits Do Xuan Trung Required privilege...
CVE-2023-4314 wpDataTables < 2.1.66 - Admin+ PHP Object Injection
The wpDataTables WordPress plugin before 2.1.66 does not validate the "Serialized PHP array" input data before deserializing the data. This allows admins to deserialize arbitrary data which may lead to remote code execution if a suitable gadget chain is present on the server. This is impactful in...
Read More & Accordion < 3.2.7 - Admin+ PHP Object Injection
Description The plugin unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present. PoC To simulate a gadget chain, put the following code in a plugin: class Evil public function wakeup :...
WordPress Flatsome Theme <= 3.17.5 is vulnerable to PHP Object Injection
Software Flatsome Type Theme Vulnerable versions <= 3.17.5 Fixed in 3.17.6 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2023-40555 Patch priority High CVSS severity High 8.3 Developer Claim ownership PSID 0472344ea36e Credits Rafie Muhammad Patchstack Required privilege...
CVE-2022-24989
TerraMaster NAS through 4.2.30 allows remote WAN attackers to execute arbitrary code as root via the raidtype and diskstring parameters for PHP Object Instantiation to the api.php?mobile/createRaid URI. Shell metacharacters can be placed in raidtype because popen is used without any sanitization...
WordPress wpDataTables Plugin < 2.1.66 is vulnerable to PHP Object Injection
Software wpDataTables Type Plugin Vulnerable versions < 2.1.66 Fixed in 2.1.66 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE N/A Patch priority Low CVSS severity Low 4.4 Developer Claim ownership PSID 1e3877a1edd6 Credits WordFence Required privilege Administrator Published 18...
wpDataTables < 2.1.66 - Admin+ PHP Object Injection
Description The plugin does not validate the "Serialized PHP array" input data before deserializing the data. This allows admins to deserialize arbitrary data which may lead to remote code execution if a suitable gadget chain is present on the server. This is impactful in environments where admin...
WordPress Checkout Field Editor (Checkout Manager) for WooCommerce Plugin < 1.8.0 PHP Object Injection Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:themehigh:checkoutfieldeditorforwoocommerce"; if description...