CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25100 – WordPress Coupon Referral Program Plugin <= 1.7.2 is vulnerable to PHP Object Injection
https://notcve.org/view.php?id=CVE-2024-25100
05 Feb 2024 — Deserialization of Untrusted Data vulnerability in WP Swings Coupon Referral Program.This issue affects Coupon Referral Program: from n/a through 1.7.2. Vulnerabilidad de deserialización de datos no confiables en WP Swings Coupon Referral Program. Este problema afecta a Coupon Referral Program: desde n/a hasta 1.7.2. The Coupon Referral Program plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.7.2 via deserialization of untrusted input. This makes it possible... • https://patchstack.com/database/vulnerability/coupon-referral-program/wordpress-coupon-referral-program-plugin-1-7-2-unauthenticated-php-object-injection-vulnerability?_s_id=cve • CWE-502: Deserialization of Untrusted Data •