We found results for “”
CVE-2023-0232
Good to know:
Date: February 21, 2023
The ShopLentor WordPress plugin before 2.5.4 unserializes user input from cookies in order to track viewed products and user data, which could lead to PHP Object Injection.
Language: PHP
Severity Score
Related Resources (4)
Severity Score
Weakness Type (CWE)
Deserialization of Untrusted Data
CWE-502Top Fix
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | HIGH |
Availability (A): | HIGH |