
CVSS: 7.2 | EPSS: 0% | CPEs: 1 | EXPL: 1

The Customizer Export/Import WordPress plugin before 0.9.6 unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present.

The Customizer Export/Import for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 0.9.5 via deserialization of untrusted input from an imported file. This allows administrator-level attackers to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.

• https://wpscan.com/vulnerability/356a5977-c90c-4fc6-98ed-032d5b27f272
• CWE-502: Deserialization of Untrusted Data

CVSS: 7.2 | EPSS: 0% | CPEs: 1 | EXPL: 1

The Customizer Export/Import WordPress plugin before 0.9.5 unserializes the content of an imported file, which could lead to PHP object injection issues when an admin imports (intentionally or not) a malicious file and a suitable gadget chain is present on the blog.

The Customizer Export/Import for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 0.9.4 via deserialization of untrusted input from an imported file. This allows administrator-level attackers to inject a PHP Object. No POP chain is present in the vulnerable plugin.

• https://wpscan.com/vulnerability/a42272a2-f9ce-4aab-9a94-8a4d85008746
• CWE-502: Deserialization of Untrusted Data