CVE-2024-10913 Clone <= 2.4.6 - Unauthenticated PHP Object Injection via 'recursive_unserialized_replace'

The Clone plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.4.6 via deserialization of untrusted input in the 'recursiveunserializedreplace' function. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain i...

WordPress Clone plugin <= 2.4.6 - Unauthenticated PHP Object Injection via 'recursive_unserialized_replace' vulnerability

Unauthenticated PHP Object Injection via 'recursiveunserializedreplace' vulnerability discovered by Webbernaut in WordPress Plugin Clone versions = 2.4.6...