Lucene search

K
wpvulndbWpvulndbWPVDB-ID:C4B510F5-AFD6-4E18-9F7B-72CBCBDCFE53
HistoryMay 01, 2024 - 12:00 a.m.

Custom field finder < 0.4 - Authenticated (Author+) PHP Object Injection

2024-05-0100:00:00
wpscan.com
5
wordpress
vulnerable
authenticated
php object injection
deserialization
untrusted input
author-level access
pop chain
arbitrary files
sensitive data
code execution
plugin
theme

7.4 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.0%

Description The Custom field finder plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 0.3 via deserialization of untrusted input. This makes it possible for authenticated attackers, with author-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.

CPENameOperatorVersion
eq0.4

7.4 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.0%

Related for WPVDB-ID:C4B510F5-AFD6-4E18-9F7B-72CBCBDCFE53