Lucene search
WpvulndbWPVDB-ID:8AD3DC73-2C68-4B94-9378-372A39382493HistorySep 28, 2023 - 12:00 a.m.
Essential Blocks < 4.2.1 - Unauthenticated Object Injection
2023-09-2800:00:00
wpscan.com
12
plugin
unauthenticated
object injection
server
deserialization
code execution
Description The plugin doesn’t prevent unauthenticated attackers from deserializing user input, which could allow them to run code on the server if they have a POP chain allowing them to do so.
Related
openvas
openvas
zdt
zdt
packetstorm
packetstorm
wordfence
wordfence
nvd
nvd
CVE-2023-4402
2023-10-20 07:15:15
CVE-2023-4386
2023-10-20 08:15:12
wpvulndb
wpvulndb
prion
prion
Deserialization of untrusted data
2023-10-20 07:15:00
Deserialization of untrusted data
2023-10-20 08:15:00
cve
cve
CVE-2023-4386
2023-10-20 08:15:12
CVE-2023-4402
2023-10-20 07:15:15
cvelist
cvelist
CVE-2023-4386
2023-10-20 07:29:27
CVE-2023-4402
2023-10-20 06:35:10
AI Score
7.3
Confidence
High
EPSS
0.002
Percentile
59.0%
Related for WPVDB-ID:8AD3DC73-2C68-4B94-9378-372A39382493