CVE-2020-35939

Team Showcase <= 1.22.15 - Object Injection

Summary
  • Severity Score: 8.8 (CVSS v3.1)
  • Exploit Likelihood (EPSS): -
  • Affected Versions (CPE): -
  • Public Exploits: 1 (multiple sources)
  • Exploited in Wild (KEV): -
  • Decision (SSVC): -
Descriptions

PHP Object injection vulnerabilities in the Team Showcase plugin before 1.22.16 for WordPress allow remote authenticated attackers to inject arbitrary PHP objects due to insecure unserialization of data supplied in a remotely hosted crafted payload in the source parameter via AJAX. The action must be set to team_import_xml_layouts.

*Credits: Ram
CVSS Scores
  • CVSS v3 (first entry): Attack Vector Network, Attack Complexity Low, Privileges Required Low, User Interaction None, Scope Unchanged, Confidentiality High, Integrity High, Availability High (vector AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
  • CVSS v3 (second entry): Attack Vector Network, Attack Complexity High, Privileges Required Low, User Interaction None, Scope Unchanged, Confidentiality High, Integrity High, Availability High (vector AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
  • CVSS v3 (third entry): identical to the second entry (AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
  • CVSS v2: Attack Vector Network, Attack Complexity Medium, Authentication Single, Confidentiality Partial, Integrity Partial, Availability Partial (vector AV:N/AC:M/Au:S/C:P/I:P/A:P)
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2020-09-17 CVE Published
  • 2021-01-01 CVE Reserved
  • 2024-05-06 EPSS Updated
  • 2024-08-04 CVE Updated
  • 2024-08-04 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-502: Deserialization of Untrusted Data
CAPEC
Affected Vendors, Products, and Versions

Vendor      | Product       | Version   | Other     | Status
------------|---------------|-----------|-----------|---------
Pickplugins | Post Grid     | < 2.0.73  | wordpress | Affected
Pickplugins | Team Showcase | < 1.22.16 | wordpress | Affected