462 matches found
CVE-2023-3392 Read More & Accordion < 3.2.7 - Admin+ PHP Object Injection
The Read More & Accordion WordPress plugin before 3.2.7 unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...
WordPress Customizer Export/Import Plugin < 0.9.6 PHP Object Injection Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wpbeaverbuilder:customizerexport%2fimport"; if description...
WordPress Customizer Export/Import Plugin < 0.9.5 PHP Object Injection Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wpbeaverbuilder:customizerexport%2fimport"; if description...
Enable Media Replace < 4.1.3 - Author+ PHP Object Injection
Description The plugin unserializes user input via the Remove Background feature, which could allow Author+ users to perform PHP Object Injection when a suitable gadget is present on the blog PoC Step 1: Add the following code to the end of the file located at...
GHSA-3Q76-JQ6M-573P Archive_Tar contains Potential RCE if filename starts with phar://
PEAR ArchiveTar version 1.4.3 and earlier contains a CWE-502, CWE-915 vulnerability in the ArchiveTar class. There are several file operations with $vheader'filename' as parameter such as fileexists, isfile, isdir, etc. When extract is called without a specific prefix path, we can trigger...
CVE-2023-2180
The KIWIZ Invoices Certification & PDF System WordPress plugin through 2.1.3 does not validate the path of files to be downloaded, which could allow unauthenticated attacker to read/downlaod arbitrary files, as well as perform PHAR unserialization assuming they can upload a file on the server...
CVE-2023-1549
The Ad Inserter WordPress plugin before 2.7.27 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...
CVE-2023-1549
The Ad Inserter WordPress plugin before 2.7.27 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...
CVE-2023-2180 KIWIZ Invoices Certification & PDF System <= 2.1.3 - Unauthenticated Arbitrary File Download
The KIWIZ Invoices Certification & PDF System WordPress plugin through 2.1.3 does not validate the path of files to be downloaded, which could allow unauthenticated attacker to read/downlaod arbitrary files, as well as perform PHAR unserialization assuming they can upload a file on the server...
CVE-2023-2180 KIWIZ Invoices Certification & PDF System <= 2.1.3 - Unauthenticated Arbitrary File Download
The KIWIZ Invoices Certification & PDF System WordPress plugin through 2.1.3 does not validate the path of files to be downloaded, which could allow unauthenticated attacker to read/downlaod arbitrary files, as well as perform PHAR unserialization assuming they can upload a file on the server...
CVE-2023-2180
The CVE-2023-2180 entry concerns the KIWIZ Invoices Certification & PDF System WordPress plugin (versions ≤ 2.1.3). Affected component: file download path validation is insufficient, enabling an unauthenticated attacker to read/download arbitrary files. The issue also enables PHAR unserialization...
CVE-2023-1549 Ad Inserter < 2.7.27 - Admin+ PHP Object Injection
The Ad Inserter WordPress plugin before 2.7.27 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...
CVE-2023-1549 Ad Inserter < 2.7.27 - Admin+ PHP Object Injection
The Ad Inserter WordPress plugin before 2.7.27 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...
PT-2023-18344 · WordPress · Kiwiz Invoices Certification & Pdf System
Name of the Vulnerable Software and Affected Versions: KIWIZ Invoices Certification & PDF System WordPress plugin versions 2.1.3 and earlier Description: The issue allows an unauthenticated attacker to read or download arbitrary files, as well as perform PHAR unserialization if they can upload a...
CVE-2023-1650
The AI ChatBot WordPress plugin before 4.4.7 unserializes user input from cookies via an AJAX action available to unauthenticated users, which could allow them to perform PHP Object Injection when a suitable gadget is present on the blog...
Design/Logic Flaw
The Customizer Export/Import WordPress plugin before 0.9.6 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...
Design/Logic Flaw
The Advanced Custom Fields ACF Free and Pro WordPress plugins 6.x before 6.1.0 and 5.x before 5.12.5 unserialize user controllable data, which could allow users with a role of Contributor and above to perform PHP Object Injection when a suitable gadget is present...
CVE-2023-1669
The SEOPress WordPress plugin before 6.5.0.3 unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...
CVE-2023-1669 SEOPress < 6.5.0.3 - Admin+ PHP Object Injection
The SEOPress WordPress plugin before 6.5.0.3 unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...
KIWIZ Invoices Certification & PDF System <= 2.1.3 - Unauthenticated Arbitrary File Download
The plugin does not validate the path of files to be downloaded, which could allow unauthenticated attacker to read/downlaod arbitrary files, as well as perform PHAR unserialization assuming they can upload a file on the server PoC To download ../../../../wp-config.php:...