Lucene search
Thinhnguyen1337WPEX-ID:FFFF8C83-0A59-450A-9B40-C7F3AF7205FCHistoryDec 13, 2022 - 12:00 a.m.
WP Custom Admin Interface < 7.29 - Admin+ PHP Object Injection
2022-12-1300:00:00
thinhnguyen1337
173
wordpress
admin interface
php object injection
security exploit
0.001 Low
EPSS
Percentile
36.8%
The plugin unserialize user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present.
action=import_settings&settings=O%3a4%3a%22Evil%22%3a0%3a%7b%7d%3b&security=6960d7bb50
Related
cve
cve
CVE-2022-4043
2023-01-09 23:15:27
cvelist
cvelist
CVE-2022-4043 WP Custom Admin Interface < 7.29 - Admin+ PHP Object Injection
2023-01-09 22:13:30
prion
prion
Design/Logic Flaw
2023-01-09 23:15:00
nvd
nvd
CVE-2022-4043
2023-01-09 23:15:27
wpvulndb
wpvulndb
WP Custom Admin Interface < 7.29 - Admin+ PHP Object Injection
2022-12-13 00:00:00