Source |
CVE Liste |
Identifiant |
7756730 |
Date de publication |
2022-10-31 16:15:11 (vue: 2022-10-31 19:07:00) |
Titre |
CVE-2022-3374 |
Texte |
The Ocean Extra WordPress plugin before 2.0.5 unserialises the content of an imported file, which could lead to PHP object injections issues when a high privilege user import (intentionally or not) a malicious Customizer Styling file and a suitable gadget chain is present on the blog. |
Envoyé |
Oui |
Condensat |
2022 3374 before blog chain content could customizer cve extra file gadget high import imported injections intentionally issues lead malicious not object ocean php plugin present privilege styling suitable unserialises user when which wordpress |
Tags |
Guideline
|
Stories |
APT 32
|
Notes |
|
Move |
|