AJAX Random Posts <= 0.3.3 - Unauthenticated PHP Object Injection

2017-05-21T00:00:00
ID WPVDB-ID:8823
Type wpvulndb
Reporter Robert R
Modified 2019-11-01T00:00:00

Description

WordPress Vulnerability - AJAX Random Posts <= 0.3.3 - Unauthenticated PHP Object Injection

PoC

Attack is exploitable over AJAX calls on sites with the ajax-random-posts Plugin enabled.