AI Score
Confidence
High
EPSS
Percentile
59.0%
Description The plugin doesn’t prevent unauthenticated attackers from deserializing user input, which could allow them to run code on the server if they have a POP chain allowing them to do so.
www.wordfence.com/blog/2023/09/two-php-object-injection-vulnerabilities-fixed-in-essential-blocks/