wpvulndb (WPScan)
Author: Nguyen Huu Do
WPVDB-ID: 8C727A31-FF65-4472-8191-B1BECC08192A
Published: Apr 06, 2023 - 12:00 a.m.

Formidable Forms < 6.2 - Unauthenticated PHP Object Injection

Source: wpscan.com
Tags: formidable forms, unauthenticated, php object injection, unserializes user input, anonymous users, gadget chain

EPSS score: 0.0005 (Low), percentile 17.8%

The plugin passes user-supplied form input to unserialize(), which allows anonymous (unauthenticated) users to perform PHP Object Injection whenever a suitable gadget chain is present on the site, whether in WordPress core, the active theme, or another installed plugin. The plugin itself need not ship a gadget: any loaded class with an exploitable __wakeup(), __destruct(), or __toString() method can be instantiated from the attacker's serialized payload.

PoC

To simulate a gadget chain, put the following code in a plugin:

    class Evil {
        public function __wakeup() : void {
            die("Arbitrary deserialization");
        }
    }

1. Activate this plugin and create a simple form.
2. Embed the form in an existing page.
3. As an anonymous user, fill in the text field with O:4:"Evil":0:{} and submit the form.
4. The "Arbitrary deserialization" message is displayed, showing that __wakeup() ran on the attacker-controlled object.
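The following stand-alone PHP script is an added example, not Formidable Forms' code and not part of the advisory's PoC. It models the vulnerable pattern from the PoC (a form field handed straight to unserialize()) next to two hardened alternatives, and adds a cheap pre-check for serialized-object syntax that a sanitizer or WAF rule could use. The Evil class, the process_field_* function names, and the payload string are assumptions for illustration; the fixed release's actual patch is not reproduced here.

```php
<?php
// Added example (not the plugin's code). Models the PHP Object Injection
// described in the advisory. The Evil class stands in for a real gadget
// chain, exactly as in the PoC above.

class Evil
{
    public function __wakeup(): void
    {
        // A real gadget would touch the filesystem, database, or call eval();
        // here the side effect is just an observable message.
        echo "Arbitrary deserialization\n";
    }
}

// Vulnerable pattern (hypothetical name): untrusted form input goes straight
// to unserialize(). Any class loaded in the process becomes reachable, and its
// __wakeup()/__destruct() magic methods run with the attacker's data.
function process_field_vulnerable(string $value)
{
    return unserialize($value);
}

// Hardened pattern 1 (hypothetical name): refuse to instantiate any class.
// Objects in the payload become __PHP_Incomplete_Class, so no __wakeup() or
// __destruct() of a real class ever runs. PHP 7.0+.
function process_field_safe(string $value)
{
    return unserialize($value, ['allowed_classes' => false]);
}

// Hardened pattern 2 (hypothetical name): do not use PHP serialization for
// data that crosses a trust boundary at all; JSON cannot express objects
// with behaviour. JSON_THROW_ON_ERROR needs PHP 7.3+.
function process_field_json(string $value): array
{
    return json_decode($value, true, 512, JSON_THROW_ON_ERROR);
}

// Pre-check (hypothetical name) usable in a sanitizer or WAF rule: does the
// input contain PHP serialized-object syntax, either at top level or nested
// inside an array?  Matches  O:<len>:"<class>":<n>:{  and the  C:  form.
function looks_like_serialized_object(string $value): bool
{
    return (bool) preg_match('/(^|[;{])[OC]:\d+:"[^"]*":\d+:\{/', $value);
}

// Constructed input: the value the anonymous user submits in PoC step 3.
$payload = 'O:4:"Evil":0:{}';

var_dump(looks_like_serialized_object($payload));                  // bool(true)
var_dump(looks_like_serialized_object('hello world'));             // bool(false)
var_dump(looks_like_serialized_object('a:1:{i:0;O:4:"Evil":0:{}}')); // bool(true)

// Hardened: the payload is decoded but Evil::__wakeup() never runs.
$r = process_field_safe($payload);
var_dump($r instanceof __PHP_Incomplete_Class);                    // bool(true)

// Vulnerable: prints "Arbitrary deserialization" before anything else happens.
process_field_vulnerable($payload);
```

Two caveats a reviewer should keep in mind. First, passing an allow-list of class names in allowed_classes instead of false is only as safe as the magic methods of every class on that list, so each one needs review. Second, the regex pre-check is a detection aid, not a fix: it is easy to bypass with encodings the application later decodes, and the only robust remedy is to never call unserialize() on data an unauthenticated user controls.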

Affected software (CPE)
Name: formidable
Operator: lt
Version: 6.2

