CVE-2023-25486

CVE-2023-25486 affects WordPress Clone Plugin

WordPress Clone plugin <= 2.4.6 - Unauthenticated PHP Object Injection via 'recursive_unserialized_replace' vulnerability

Unauthenticated PHP Object Injection via 'recursiveunserializedreplace' vulnerability discovered by Webbernaut in WordPress Plugin Clone versions = 2.4.6...

WordPress Clone Plugin <= 2.4.6 is vulnerable to PHP Object Injection

Software Clone Type Plugin Vulnerable versions = 2.4.6 Fixed in 2.4.7 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-10913 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 3676e7fb18ec Credits Webbernaut Required privilege Unauthenticated...

PT-2024-16638 · WordPress · Clone

Name of the Vulnerable Software and Affected Versions: The Clone plugin for WordPress versions up to, and including, 2.4.6 Description: The issue allows unauthenticated attackers to inject a PHP Object via deserialization of untrusted input in the recursive unserialized replace function. If a POP...

WordPress Clone plugin <= 2.4.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Clone versions = 2.4.5...

WordPress Clone Plugin <= 2.4.5 is vulnerable to Broken Access Control

Software Clone Type Plugin Vulnerable versions = 2.4.5 Fixed in 2.4.6 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-43298 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 92218c2f2d27 Credits Ananda Dhakal Patchstack Required...

WordPress Clone Plugin <= 2.4.3 is vulnerable to Broken Access Control

Software Clone Type Plugin Vulnerable versions = 2.4.3 Fixed in 2.4.4 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-31435 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID a38bde6ff71e Credits Dhabaleshwar Das Required privilege...

WordPress Clone Plugin <= 2.4.2 is vulnerable to Sensitive Data Exposure

Software Clone Type Plugin Vulnerable versions = 2.4.2 Fixed in 2.4.3 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-6750 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID 53f7fdbe82a9 Credits Dmitrii Ignatyev Required privilege...

WordPress Clone Plugin <= 2.3.7 is vulnerable to Cross Site Request Forgery (CSRF)

Software Clone Type Plugin Vulnerable versions = 2.3.7 Fixed in 2.3.8 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-3977 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 96ed031b1483 Credits Wordfence Required privilege...

WordPress Clone Plugin <= 2.3.7 is vulnerable to Broken Access Control

Software Clone Type Plugin Vulnerable versions = 2.3.7 Fixed in 2.3.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-0958 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 17cafe8314cd Credits WordFence Required privilege Subscriber...

WordPress Clone Plugin <= 2.3.7 is vulnerable to Broken Access Control

Software Clone Type Plugin Vulnerable versions = 2.3.7 Fixed in 2.3.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-25486 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 289ad9c968ce Credits Mika Required privilege Subscriber...