Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpvulndbRobert RWPVDB-ID:59D71C12-081B-4357-87E1-E15B23FB750E
HistoryApr 27, 2017 - 12:00 a.m.

Gravitate QA Tracker <= 1.2.1 - Unauthenticated PHP Object Injection

2017-04-2700:00:00
Robert R
wpscan.com
7

0.002 Low

EPSS

Percentile

59.8%

JSON

The plugin gravitate-qa-tracker insecurely trusts serialized data submitted over HTTP requests. This opens up the site to a PHP object injection vulnerability potential exploit vector.

PoC

Attack is exploitable over HTTP requests to sites with the gravitate-qa-tracker Plugin. The original researcher notified WordPress Plugins team.

CPENameOperatorVersion
gravitate-qa-trackereq*

Related

prion 1
cve 1
wpexploit 1
cvelist 1
nvd 1
prion
prion
Design/Logic Flaw
2019-09-10 12:15:00
cve
cve
CVE-2017-18605
2019-09-10 12:15:11
wpexploit
wpexploit
Gravitate QA Tracker <= 1.2.1 - Unauthenticated PHP Object Injection
2017-04-27 00:00:00
cvelist
cvelist
CVE-2017-18605
2019-09-10 11:16:21
nvd
nvd
CVE-2017-18605
2019-09-10 12:15:11

0.002 Low

EPSS

Percentile

59.8%

JSON
Related for WPVDB-ID:59D71C12-081B-4357-87E1-E15B23FB750E
prion1cve1wpexploit1cvelist1nvd1