CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23513 – WordPress PropertyHive Plugin <= 2.0.5 is vulnerable to PHP Object Injection
https://notcve.org/view.php?id=CVE-2024-23513
30 Jan 2024 — Deserialization of Untrusted Data vulnerability in PropertyHive.This issue affects PropertyHive: from n/a through 2.0.5. Vulnerabilidad de deserialización de datos no confiables en PropertyHive. Este problema afecta a PropertyHive: desde n/a hasta 2.0.5. The PropertyHive plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.0.5 via deserialization of untrusted input from the 'propertyhive_currency' cookie value. This makes it possible for unauthenticated attacker... • https://patchstack.com/database/vulnerability/propertyhive/wordpress-propertyhive-plugin-2-0-5-php-object-injection-vulnerability?_s_id=cve • CWE-502: Deserialization of Untrusted Data •