Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2023-4643

Disclosure Date: October 16, 2023 (last updated October 21, 2023)
The Enable Media Replace WordPress plugin before 4.1.3 unserializes user input via the Remove Background feature, which could allow Author+ users to perform PHP Object Injection when a suitable gadget is present on the blog
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0