Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2023-1347

Disclosure Date: May 08, 2023 (last updated October 08, 2023)
The Customizer Export/Import WordPress plugin before 0.9.6 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0