CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3587 matches found

OSV•added 2023/01/23 3:15 p.m.•1 views

CVE-2022-3425

The Analyticator WordPress plugin before 6.5.6 unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...

7.2CVSS5.8AI score0.00783EPSS

Exploits2References1

Prion•added 2023/01/23 3:15 p.m.•18 views

Design/Logic Flaw

The Analyticator WordPress plugin before 6.5.6 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...

5.8CVSS7AI score0.00855EPSS

Exploits2References1Affected Software1

CVE•added 2023/01/23 2:31 p.m.•61 views

CVE-2022-4323

CVE-2022-4323 concerns the WordPress plugin Analyticator (up to version 6.5.5; fixed in 6.5.6). The vulnerability arises because the plugin unserializes user input provided via the settings, which can enable PHP Object Injection when a suitable gadget is present. The issue can be triggered by hig...

7.2CVSS7AI score0.00855EPSS

Exploits2References1Affected Software1

Cvelist•added 2023/01/23 2:31 p.m.•22 views

CVE-2022-4323 Google Analyticator < 6.5.6 - Admin+ PHP Object Injection

7.2AI score0.00855EPSS

Exploits2References1

Vulnrichment•added 2023/01/23 2:31 p.m.•12 views

CVE-2022-4323 Google Analyticator < 6.5.6 - Admin+ PHP Object Injection

7.3AI score0.00855EPSS

Exploits2References1

CVE•added 2023/01/23 2:31 p.m.•78 views

CVE-2022-3425

The CVE-2022-3425 issue affects the WordPress plugin The Analyticator (versions prior to 6.5.6). The vulnerability stems from unserializing user input in the plugin settings, which could let high-privilege users (e.g., administrators) perform PHP Object Injection when a suitable gadget is present...

7.2CVSS7.1AI score0.00783EPSS

Exploits2References1Affected Software1

Vulnrichment•added 2023/01/23 2:31 p.m.•7 views

CVE-2022-3425 Google Analyticator < 6.5.6 - Admin+ PHP Object Injection

7.4AI score0.00783EPSS

Exploits2References1

Cvelist•added 2023/01/23 2:31 p.m.•16 views

CVE-2022-3425 Google Analyticator < 6.5.6 - Admin+ PHP Object Injection

7.3AI score0.00783EPSS

Exploits2References1

Positive Technologies•added 2023/01/23 12:0 a.m.•1 views

PT-2023-14182 · WordPress · The Analyticator

Name of the Vulnerable Software and Affected Versions: The Analyticator WordPress plugin versions prior to 6.5.6 Description: The issue allows high privilege users, such as admins, to perform PHP Object Injection when a suitable gadget is present. This is due to the plugin unserializing user inpu...

7.2CVSS6.9AI score0.00855EPSS

Exploits2References4

CNNVD•added 2023/01/23 12:0 a.m.•2 views

WordPress plugin The Analyticator 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in the...

7.2CVSS7.1AI score0.00855EPSS

Exploits2References2

Positive Technologies•added 2023/01/23 12:0 a.m.•2 views

PT-2023-13351 · WordPress · Analyticator

Name of the Vulnerable Software and Affected Versions: The Analyticator WordPress plugin versions prior to 6.5.6 Description: The issue allows high-privilege users, such as admins, to perform PHP Object Injection when a suitable gadget is present. This is due to the plugin unserializing user inpu...

7.2CVSS7.2AI score0.00783EPSS

Exploits2References4

OpenVAS•added 2023/01/17 12:0 a.m.•7 views

WordPress Anti-Malware Security and Brute-Force Firewall Plugin < 4.21.86 PHP Object Injection Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

6.7AI score

Exploits1References2

OpenVAS•added 2023/01/16 12:0 a.m.•18 views

Tiki Wiki CMS Groupware < 24.1 Multiple Vulnerabilities

Tiki Wiki CMS Groupware is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

8.8CVSS8.8AI score0.0127EPSS

Exploits5References2

OpenVAS•added 2023/01/16 12:0 a.m.•16 views

Tiki Wiki CMS Groupware < 24.2 PHP Object Injection Vulnerability

Tiki Wiki CMS Groupware is prone to a PHP object injection. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.2CVSS7.2AI score0.00752EPSS

Exploits3References1

OSV•added 2023/01/14 2:15 a.m.•11 views

CVE-2023-22851

Tiki before 24.2 allows lib/importer/tikiimporterblogwordpress.php PHP Object Injection by an admin because of an unserialize call...

7.2CVSS7.3AI score

Exploits0References2

OSV•added 2023/01/14 2:15 a.m.•19 views

CVE-2023-22850

Tiki before 24.1, when the Spreadsheets feature is enabled, allows lib/sheet/grid.php PHP Object Injection because of an unserialize call...

8.8CVSS7.3AI score

Exploits0References2