CVE-2024-49218 – WordPress Recently plugin <= 1.1 - PHP Object Injection vulnerability
https://notcve.org/view.php?id=CVE-2024-49218
Deserialization of Untrusted Data vulnerability in Al Imran Akash Recently allows Object Injection.This issue affects Recently: from n/a through 1.1. La vulnerabilidad de deserialización de datos no confiables en Imran Akash Recently permite la inyección de objetos. Este problema afecta recientemente a: desde n/a hasta 1.1. The Recently plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.1 via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP Object. • https://patchstack.com/database/vulnerability/recently-viewed-most-viewed-and-sold-products-for-woocommerce/wordpress-recently-plugin-1-1-php-object-injection-vulnerability?_s_id=cve • CWE-502: Deserialization of Untrusted Data •