CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-49773 – WordPress BCorp Shortcodes Plugin <= 0.23 is vulnerable to PHP Object Injection
https://notcve.org/view.php?id=CVE-2023-49773
05 Dec 2023 — Deserialization of Untrusted Data vulnerability in Tim Brattberg BCorp Shortcodes.This issue affects BCorp Shortcodes: from n/a through 0.23. Vulnerabilidad de deserialización de datos no confiables en Tim Brattberg BCorp Shortcodes. Este problema afecta a BCorp Shortcodes: desde n/a hasta 0.23. The BCorp Shortcodes plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 0.23 via deserialization of untrusted input. This makes it possible for unauthenticated attackers... • https://patchstack.com/database/vulnerability/bcorp-shortcodes/wordpress-bcorp-shortcodes-plugin-0-23-unauthenticated-php-object-injection-vulnerability?_s_id=cve • CWE-502: Deserialization of Untrusted Data •