CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-49772 – WordPress Genesis Simple Love Plugin <= 2.0 is vulnerable to PHP Object Injection
https://notcve.org/view.php?id=CVE-2023-49772
05 Dec 2023 — Deserialization of Untrusted Data vulnerability in Phpbits Creative Studio Genesis Simple Love.This issue affects Genesis Simple Love: from n/a through 2.0. Vulnerabilidad de deserialización de datos no confiables en Phpbits Creative Studio Genesis Simple Love. Este problema afecta a Genesis Simple Love: desde n/a hasta 2.0. The Genesis Simple Love plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.0 via deserialization of untrusted input. This makes it possib... • https://patchstack.com/database/vulnerability/genesis-simple-love/wordpress-genesis-simple-love-plugin-2-0-unauthenticated-php-object-injection-vulnerability?_s_id=cve • CWE-502: Deserialization of Untrusted Data •