3587 matches found

CVE
added 2021/10/21 7:38 p.m., 60 views

CVE-2021-39321

CVE-2021-39321 affects the WordPress plugin Sassy Social Share (version 3.3.23). It enables PHP Object Injection via the wp_ajax_heateor_sss_import_config AJAX action due to deserialization of unvalidated inputs in admin/class-sassy-social-share-admin.php import_config, without proper capability ...

CVSS 8.8, AI score 8.7, EPSS 0.01537
Exploits: 2, References: 3, Affected Software: 1

Cvelist
added 2021/10/21 7:38 p.m., 22 views

CVE-2021-39321 Sassy Social Share 3.3.23 PHP Object Injection

Version 3.3.23 of the Sassy Social Share WordPress plugin is vulnerable to PHP Object Injection via the wp_ajax_heateor_sss_import_config AJAX action due to deserialization of unvalidated user supplied inputs via the import_config function found in the /admin/class-sassy-social-share-admin.php file. Th...

CVSS 8.8, AI score 8.9, EPSS 0.01537
Exploits: 2, References: 3

Vulnrichment
added 2021/10/21 7:38 p.m., 12 views

CVE-2021-39321 Sassy Social Share 3.3.23 PHP Object Injection

Version 3.3.23 of the Sassy Social Share WordPress plugin is vulnerable to PHP Object Injection via the wp_ajax_heateor_sss_import_config AJAX action due to deserialization of unvalidated user supplied inputs via the import_config function found in the /admin/class-sassy-social-share-admin.php file. Th...

CVSS 8.8, AI score 8.7, EPSS 0.01537
Exploits: 2, References: 3

Wordfence Blog
added 2021/10/20 2:35 p.m., 96 views

Vulnerability Patched in Sassy Social Share Plugin

Update: This article has been updated for accuracy: while we initially did create a rule to block this vulnerability we later found that the vulnerability was already blocked by an existing rule. Note: To receive disclosures like this in your inbox the moment they’re published, you can subscribe ...

CVSS 6.5, AI score 9.2, EPSS 0.01537
Exploits: 2

Patchstack
added 2021/10/20 12:0 a.m., 20 views

WordPress Sassy Social Share plugin <= 3.3.23 - Missing Authorization Controls to PHP Object Injection vulnerability

Missing Authorization Controls to PHP Object Injection vulnerability discovered by Chloe Chamberland WordFence in WordPress Sassy Social Share plugin versions <= 3.3.23. Solution: Update the WordPress Sassy Social Share plugin to the latest available version (at least 3.3.24)...

CVSS 8.8, AI score 2.8, EPSS 0.01537
Exploits: 2, References: 3, Affected Software: 1

WPVulnDB
added 2021/10/20 12:0 a.m., 22 views

Sassy Social Share 3.3.23 - Missing Access Controls to PHP Object Injection

Version 3.3.23 of the Sassy Social Share WordPress plugin is vulnerable to PHP Object Injection via the wp_ajax_heateor_sss_import_config AJAX action due to a missing capability check in the import_config function found in the /admin/class-sassy-social-share-admin.php file along with the implementation...

CVSS 8.8, AI score 1.4, EPSS 0.01537
Exploits: 2, References: 1, Affected Software: 1

wpexploit
added 2021/10/20 12:0 a.m., 144 views

Sassy Social Share 3.3.23 - Missing Access Controls to PHP Object Injection

Version 3.3.23 of the Sassy Social Share WordPress plugin is vulnerable to PHP Object Injection via the wp_ajax_heateor_sss_import_config AJAX action due to a missing capability check in the import_config function found in the /admin/class-sassy-social-share-admin.php file along with the implementation...

CVSS 8.8, AI score 1.1, EPSS 0.01537
Exploits: 2, References: 1

Packet Storm
added 2021/10/05 12:0 a.m., 341 views

Tapatalk Plugins PHP Object Injection

Advisory: Tapatalk Plugins PHP Object Injection. dH team discovered a PHP Object Injection vulnerability in all Tapatalk plugins, which allows attackers to execute PHP code, SQL injection or Denial of Service. No authorization or extra steps are needed, so the vulnerability is considered critical. Details...

AI score 7.4
Exploits: 0

NVD
added 2021/09/24 3:15 p.m., 10 views

CVE-2021-40102

An issue was discovered in Concrete CMS through 8.5.5. Arbitrary File deletion can occur via PHAR deserialization in is_dir PHP Object Injection associated with the __wakeup magic method...

CVSS 9.1, EPSS 0.00681
Exploits: 0, References: 2

Prion
added 2021/09/24 3:15 p.m., 14 views

Arbitrary file deletion

An issue was discovered in Concrete CMS through 8.5.5. Arbitrary File deletion can occur via PHAR deserialization in is_dir PHP Object Injection associated with the __wakeup magic method...

CVSS 6.4, AI score 9.4, EPSS 0.00681
Exploits: 0, References: 2, Affected Software: 1

Cvelist
added 2021/09/24 2:55 p.m., 12 views

CVE-2021-40102

An issue was discovered in Concrete CMS through 8.5.5. Arbitrary File deletion can occur via PHAR deserialization in is_dir PHP Object Injection associated with the __wakeup magic method...

AI score 9.7, EPSS 0.00681
Exploits: 0, References: 2

CVE
added 2021/09/24 2:55 p.m., 65 views

CVE-2021-40102

Concrete CMS up to 8.5.5 is affected by CVE-2021-40102 via PHAR deserialization in is_dir, enabling arbitrary file deletion. Root cause: PHP Object Injection through __wakeup in PHAR context. Exploitation chain observed includes uploading a PHAR payload and triggering deserialization via phar:// ...

CVSS 9.1, AI score 9.4, EPSS 0.00681
Exploits: 0, References: 2, Affected Software: 1

NVD
added 2021/08/30 3:15 p.m., 15 views

CVE-2021-24579

The bt_bb_get_grid AJAX action of the Bold Page Builder WordPress plugin before 3.1.6 passes user input into the unserialize function without any validation or sanitisation, which could lead to a PHP Object Injection. Even though the plugin did not contain a suitable gadget to fully exploit the issu...

CVSS 8.8, EPSS 0.00776
Exploits: 2, References: 1

Prion
added 2021/08/30 3:15 p.m., 15 views

Design/Logic Flaw

The bt_bb_get_grid AJAX action of the Bold Page Builder WordPress plugin before 3.1.6 passes user input into the unserialize function without any validation or sanitisation, which could lead to a PHP Object Injection. Even though the plugin did not contain a suitable gadget to fully exploit the issu...

CVSS 6.5, AI score 8.7, EPSS 0.00776
Exploits: 2, References: 1, Affected Software: 1

CVE
added 2021/08/30 2:11 p.m., 49 views

CVE-2021-24579

CVE-2021-24579 affects the Bold Page Builder WordPress plugin (before 3.1.6). The bt_bb_get_grid AJAX action passes user input to unserialize() without validation, enabling PHP Object Injection. Although no gadget was found in the plugin itself to fully exploit, it could enable RCE in some scenar...

CVSS 8.8, AI score 8.8, EPSS 0.00776
Exploits: 2, References: 1, Affected Software: 1

Cvelist
added 2021/08/30 2:11 p.m., 17 views

CVE-2021-24579 Bold Page Builder < 3.1.6 - PHP Object Injection

The bt_bb_get_grid AJAX action of the Bold Page Builder WordPress plugin before 3.1.6 passes user input into the unserialize function without any validation or sanitisation, which could lead to a PHP Object Injection. Even though the plugin did not contain a suitable gadget to fully exploit the issu...

AI score 9, EPSS 0.00776
Exploits: 2, References: 1

Hacker One
added 2021/08/20 7:1 a.m., 466 views

Pornhub: Deserialization of untrusted data at https://www.redtube.com/media/hls?s=data

The researcher was able to exploit a PHP Object Injection vulnerability which allowed him to execute remote commands on the server...

AI score 2.7
Exploits: 0

Patchstack
added 2021/08/02 12:0 a.m., 20 views

WordPress Bold Page Builder plugin <= 3.1.5 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by dc11 in WordPress Bold Page Builder plugin versions <= 3.1.5. Solution: Update the WordPress Bold Page Builder plugin to the latest available version (at least 3.1.6)...

CVSS 8.8, AI score 2.5, EPSS 0.00776
Exploits: 2, References: 3, Affected Software: 1

WPVulnDB
added 2021/08/02 12:0 a.m., 13 views

Bold Page Builder < 3.1.6 - PHP Object Injection

The bt_bb_get_grid AJAX action of the plugin passes user input into the unserialize function without any validation or sanitisation, which could lead to a PHP Object Injection. Even though the plugin did not contain a suitable gadget to fully exploit the issue, other installed plugins on the blog...

CVSS 8.8, AI score 0.7, EPSS 0.00776
Exploits: 2, Affected Software: 1

wpexploit
added 2021/08/02 12:0 a.m., 657 views

Bold Page Builder < 3.1.6 - PHP Object Injection

The bt_bb_get_grid AJAX action of the plugin passes user input into the unserialize function without any validation or sanitisation, which could lead to a PHP Object Injection. Even though the plugin did not contain a suitable gadget to fully exploit the issue, other installed plugins on the blog...

CVSS 8.8, AI score 9, EPSS 0.00776
Exploits: 2