CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-52430 – WordPress Lis Video Gallery plugin <= 0.2.1 - PHP Object Injection vulnerability
https://notcve.org/view.php?id=CVE-2024-52430
Deserialization of Untrusted Data vulnerability in Lis Lis Video Gallery allows Object Injection.This issue affects Lis Video Gallery: from n/a through 0.2.1. La vulnerabilidad de deserialización de datos no confiables en Lis Lis Video Gallery permite la inyección de objetos. Este problema afecta a Lis Video Gallery: desde n/a hasta 0.2.1. The Lis Video Gallery plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 0.2.1 via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP Object. • https://patchstack.com/database/vulnerability/lis-video-gallery/wordpress-lis-video-gallery-plugin-0-2-1-php-object-injection-vulnerability?_s_id=cve • CWE-502: Deserialization of Untrusted Data •