3587 matches found

Tenable Nessus
added 2023/04/14 12:0 a.m. · 15 views

HUSKY (formerly WOOF) Plugin for WordPress < 1.3.2 PHP Object Injection

The WordPress HUSKY (formerly WOOF) Plugin installed on the remote host is affected by a PHP object injection vulnerability. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number. No source data...

7.2 CVSS · 7.7 AI score · 0.01086 EPSS
Exploits 2 · References 2
WPVulnDB
added 2023/04/12 12:0 a.m. · 15 views

ChatBot < 4.4.7 - Unauthenticated PHP Object Injection

The plugin unserializes user input from cookies via an AJAX action available to unauthenticated users, which could allow them to perform PHP Object Injection when a suitable gadget is present on the blog PoC To simulate a gadget chain, put the following code in a plugin: class Evil public functio...

9.8 CVSS · 9.4 AI score · 0.26028 EPSS
Exploits 2 · Affected Software 1
WPVulnDB
added 2023/04/10 12:0 a.m. · 19 views

SEOPress < 6.5.0.3 - Admin+ PHP Object Injection

The plugin unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present. PoC To simulate a gadget chain, put the following code in a plugin: class Evil public function wakeup : void...

7.2 CVSS · 6.5 AI score · 0.05593 EPSS
Exploits 2 · Affected Software 1
wpexploit
added 2023/04/10 12:0 a.m. · 147 views

Advanced Custom Fields < 5.12.5 - Contributor+ PHP Object Injection

The plugin unserializes user controllable data, which could allow users with a role of Contributor and above to perform PHP Object Injection when a suitable gadget is present. Setup As admin - To simulate a gadget chain, put the following code in a plugin: class Evil public function wakeup : void...

8.8 CVSS · 9.6 AI score · 0.01087 EPSS
Exploits 3
WPVulnDB
added 2023/04/10 12:0 a.m. · 26 views

Advanced Custom Fields < 6.1.0 - Contributor+ PHP Object Injection

The plugin unserializes user controllable data, which could allow users with a role of Contributor and above to perform PHP Object Injection when a suitable gadget is present. PoC Setup As admin - To simulate a gadget chain, put the following code in a plugin: class Evil public function wakeup :...

8.8 CVSS · 9.5 AI score · 0.01087 EPSS
Exploits 3 · Affected Software 2
WPVulnDB
added 2023/04/10 12:0 a.m. · 30 views

Advanced Custom Fields < 5.12.5 - Contributor+ PHP Object Injection

The plugin unserializes user controllable data, which could allow users with a role of Contributor and above to perform PHP Object Injection when a suitable gadget is present. PoC Setup As admin - To simulate a gadget chain, put the following code in a plugin: class Evil public function wakeup :...

8.8 CVSS · 9.5 AI score · 0.01087 EPSS
Exploits 3 · Affected Software 2
wpexploit
added 2023/04/10 12:0 a.m. · 1508 views

Advanced Custom Fields < 6.1.0 - Contributor+ PHP Object Injection

The plugin unserializes user controllable data, which could allow users with a role of Contributor and above to perform PHP Object Injection when a suitable gadget is present. Setup As admin - To simulate a gadget chain, put the following code in a plugin: class Evil public function wakeup : void...

8.8 CVSS · 9.6 AI score · 0.01087 EPSS
Exploits 3
Patchstack
added 2023/04/07 12:0 a.m. · 16 views

WordPress Formidable Forms Plugin <= 6.1.2 is vulnerable to PHP Object Injection

Software: Formidable Forms; Type: Plugin; Vulnerable versions: <= 6.1.2; Fixed in: 6.2; OWASP Top 10: A1: Injection; Classification: PHP Object Injection; CVE: CVE-2023-1405; Patch priority: High; CVSS severity: High 9.8; Developer: Claim ownership; PSID: e0f1ba3999f1; Credits: Nguyen Huu Do; Required privilege...

7.5 CVSS · 7.2 AI score · 0.00338 EPSS
Exploits 2 · References 3 · Affected Software 1
wpexploit
added 2023/04/06 12:0 a.m. · 250 views

Formidable Forms < 6.2 - Unauthenticated PHP Object Injection

The plugin unserializes user input, which could allow anonymous users to perform PHP Object Injection when a suitable gadget is present. To simulate a gadget chain, put the following code in a plugin: class Evil public function wakeup : void die"Arbitrary deserialization"; 1. Active this plugin a...

9.6 AI score · 0.00338 EPSS
Exploits 2
WPVulnDB
added 2023/04/06 12:0 a.m. · 58 views

Formidable Forms < 6.2 - Unauthenticated PHP Object Injection

The plugin unserializes user input, which could allow anonymous users to perform PHP Object Injection when a suitable gadget is present. PoC To simulate a gadget chain, put the following code in a plugin: class Evil public function wakeup : void die"Arbitrary deserialization"; 1. Active this...

9.5 AI score · 0.00338 EPSS
Exploits 2 · Affected Software 1
Patchstack
added 2023/04/04 12:0 a.m. · 5 views

WordPress Advanced Custom Fields Plugin <= 6.0.7 is vulnerable to PHP Object Injection

Software: Advanced Custom Fields; Type: Plugin; Vulnerable versions: <= 6.0.7; Fixed in: 6.1.0; OWASP Top 10: A1: Injection; Classification: PHP Object Injection; CVE: N/A; Patch priority: High; CVSS severity: High 8.5; Developer: Claim ownership; PSID: 29e8820ff608; Credits: Unknown; Required privilege: Contributor...

7.2 AI score
Exploits 0 · References 2 · Affected Software 1
OSV
added 2023/03/22 9:15 p.m. · 2 views

CVE-2023-28667

The Lead Generated WordPress Plugin, version <= 1.23, was affected by an unauthenticated insecure deserialization issue. The tve_labels parameter of the tve_api_form_submit action is passed to the PHP unserialize function without being sanitized or verified, and as a result could lead to PHP object...

9.8 CVSS · 7.3 AI score
Exploits 0 · References 1
CVE
added 2023/03/22 12:0 a.m. · 49 views

CVE-2023-28667

CVE-2023-28667 centers on the Lead Generated WordPress Plugin (version

9.8 CVSS · 9.5 AI score · 0.01024 EPSS
Exploits 1 · References 1 · Affected Software 1
Positive Technologies
added 2023/03/22 12:0 a.m. · 3 views

PT-2023-21888 · WordPress · The Lead Generated Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: The Lead Generated WordPress Plugin version <= 1.23 Description: The issue is related to an unauthenticated insecure deserialization problem. The tve_labels parameter of the tve_api_form_submit action is passed to the PHP unserialize function...

9.8 CVSS · 9.3 AI score · 0.01024 EPSS
Exploits 1 · References 3
Vulnrichment
added 2023/03/22 12:0 a.m. · 6 views

CVE-2023-28667

The Lead Generated WordPress Plugin, version <= 1.23, was affected by an unauthenticated insecure deserialization issue. The tve_labels parameter of the tve_api_form_submit action is passed to the PHP unserialize function without being sanitized or verified, and as a result could lead to PHP object...

9.7 AI score · 0.01024 EPSS
Exploits 1 · References 1
Patchstack
added 2023/03/13 12:0 a.m. · 5 views

WordPress LeadSnap Plugin <= 1.23 is vulnerable to PHP Object Injection

Software: LeadSnap; Type: Plugin; Vulnerable versions: <= 1.23; Fixed in: 1.24; OWASP Top 10: A1: Injection; Classification: PHP Object Injection; CVE: N/A; Patch priority: High; CVSS severity: High 5.4; Developer: Claim ownership; PSID: 9b44d2d3b583; Credits: WordFence; Required privilege: Unauthenticated; Published: 13...

7.2 AI score
Exploits 0 · References 2 · Affected Software 1
NVD
added 2023/02/21 9:15 a.m. · 16 views

CVE-2023-0232

The ShopLentor WordPress plugin before 2.5.4 unserializes user input from cookies in order to track viewed products and user data, which could lead to PHP Object Injection...

9.8 CVSS · 9.5 AI score · 0.01022 EPSS
Exploits 1 · References 2
Prion
added 2023/02/21 9:15 a.m. · 9 views

Design/Logic Flaw

The ShopLentor WordPress plugin before 2.5.4 unserializes user input from cookies in order to track viewed products and user data, which could lead to PHP Object Injection...

7.5 CVSS · 9.3 AI score · 0.01022 EPSS
Exploits 1 · References 2 · Affected Software 1
Vulnrichment
added 2023/02/21 8:51 a.m. · 6 views

CVE-2023-0232 ShopLentor < 2.5.4 - PHP Object Injection

The ShopLentor WordPress plugin before 2.5.4 unserializes user input from cookies in order to track viewed products and user data, which could lead to PHP Object Injection...

6.7 AI score · 0.01022 EPSS
Exploits 1 · References 2
Cvelist
added 2023/02/21 8:51 a.m. · 18 views

CVE-2023-0232 ShopLentor < 2.5.4 - PHP Object Injection

The ShopLentor WordPress plugin before 2.5.4 unserializes user input from cookies in order to track viewed products and user data, which could lead to PHP Object Injection...

9.7 AI score · 0.01022 EPSS
Exploits 1 · References 2