WordPress UltraPress theme <= 1.2.1 - Authenticated (Contributor+) PHP Object Injection vulnerability

Authenticated Contributor+ PHP Object Injection vulnerability discovered by Francesco Carlucci in WordPress Theme UltraPress versions = 1.2.1...

WordPress UltraPress Theme <= 1.2.1 is vulnerable to PHP Object Injection

Software UltraPress Type Theme Vulnerable versions = 1.2.1 Fixed in N/A OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-7434 Patch priority Medium CVSS severity Medium 8.8 Developer Claim ownership PSID 4b0bbff9d028 Credits Francesco Carlucci Required privilege...