7 matches found
WordPress ToTop Link plugin code problem vulnerability
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. ToTop Link Plugin is a WordPress open source application plugin. WordPress ToTop Link Plugin has a code issue vulnerability in versions prior to 1.7.1, which stems from the plugin passing...
CVE-2021-24857
The ToTop Link WordPress plugin through 1.7.1 passes base64 encoded user input to the unserialize PHP function, which could lead to PHP Object injection if a plugin installed on the blog has a suitable gadget chain...
CVE-2021-24857
The CVE refers to the WordPress ToTop Link plugin (versions
CVE-2021-24857 ToTop Link <= 1.7.1 - Unauthenticated PHP Object Injection
The ToTop Link WordPress plugin through 1.7.1 passes base64 encoded user input to the unserialize PHP function, which could lead to PHP Object injection if a plugin installed on the blog has a suitable gadget chain...
WordPress 插件代码问题漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. ToTop Link Plugin is a WordPress open source application plugin. WordPress ToTop Link Plugin has a code issue vulnerability in versions prior to 1.7.1, which stems from the plugin passing...
ToTop Link <= 1.7.1 - Unauthenticated PHP Object Injection
The plugin passes base64 encoded user input to the unserialize PHP function, which could lead to PHP Object injection if a plugin installed on the blog has a suitable gadget chain. https://example.com/wp-content/plugins/totop-link/trunk/totop-link.css.php?vars=base64encodedpayload...
WordPress ToTop Link plugin <= 1.7.1 - Unauthenticated PHP Object Injection vulnerability
Unauthenticated PHP Object Injection vulnerability discovered by Muhammed Kara in WordPress ToTop Link plugin versions = 1.7.1. Solution Deactivate and delete. This plugin has been closed as of October 21, 2021 and is not available for download. This closure is temporary, pending a full review...