The Image Hotspot by DevVN plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.2.5 via deserialization of untrusted input in the 'devvn_ihotspot_shortcode_func' function. This makes it possible for authenticated attackers, with Author-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.
Metrics
Affected Vendors & Products
References
History
Mon, 26 Aug 2024 16:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Le Van Toan
Le Van Toan image Hotspot By Devvn |
|
CPEs | cpe:2.3:a:le_van_toan:image_hotspot_by_devvn:*:*:*:*:*:*:*:* | |
Vendors & Products |
Le Van Toan
Le Van Toan image Hotspot By Devvn |
|
Metrics |
ssvc
|
Sat, 24 Aug 2024 11:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | The Image Hotspot by DevVN plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.2.5 via deserialization of untrusted input in the 'devvn_ihotspot_shortcode_func' function. This makes it possible for authenticated attackers, with Author-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. | |
Title | Image Hotspot by DevVN <= 1.2.5 - Authenticated (Author+) PHP Object Injection | |
Weaknesses | CWE-94 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: Wordfence
Published: 2024-08-24T11:36:25.051Z
Updated: 2024-08-26T15:35:17.368Z
Reserved: 2024-08-09T21:35:20.019Z
Link: CVE-2024-7656
Vulnrichment
Updated: 2024-08-26T15:35:09.003Z
NVD
Status : Awaiting Analysis
Published: 2024-08-24T12:15:04.330
Modified: 2024-08-26T12:47:20.187
Link: CVE-2024-7656
Redhat
No data.