1 results (0.003 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

Deserialization of Untrusted Data vulnerability in Lis Lis Video Gallery allows Object Injection.This issue affects Lis Video Gallery: from n/a through 0.2.1. La vulnerabilidad de deserialización de datos no confiables en Lis Lis Video Gallery permite la inyección de objetos. Este problema afecta a Lis Video Gallery: desde n/a hasta 0.2.1. The Lis Video Gallery plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 0.2.1 via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP Object. • https://patchstack.com/database/vulnerability/lis-video-gallery/wordpress-lis-video-gallery-plugin-0-2-1-php-object-injection-vulnerability?_s_id=cve • CWE-502: Deserialization of Untrusted Data •