CVE-2024-50507 – WordPress DS.DownloadList plugin <= 1.3 - PHP Object Injection vulnerability

https://notcve.org/view.php?id=CVE-2024-50507

28 Oct 2024 — Deserialization of Untrusted Data vulnerability in Daniel Schmitzer DS.DownloadList allows Object Injection.This issue affects DS.DownloadList: from n/a through 1.3. La vulnerabilidad de deserialización de datos no confiables en DS.DownloadList de Daniel Schmitzer permite la inyección de objetos. Este problema afecta a DS.DownloadList: desde n/a hasta 1.3. The DS.DownloadList plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.3 via deserialization of untrusted... • https://github.com/RandomRobbieBF/CVE-2024-50507 • CWE-502: Deserialization of Untrusted Data •