The Revive Old Posts WordPress plugin before 9.0.11 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: WPScan
Published: 2023-01-30T20:31:43.188Z
Updated: 2024-08-03T01:48:39.943Z
Reserved: 2022-12-23T04:33:14.344Z
Link: CVE-2022-4680
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-01-30T21:15:11.830
Modified: 2024-11-21T07:35:43.380
Link: CVE-2022-4680
Redhat
No data.