← volver
CVE-2023-6528

Slider Revolution < 6.6.19 - Author+ Insecure Deserialization leading to RCE

CVSS 8.8 HIGHEPSS 1.4%
The Slider Revolution WordPress plugin before 6.6.19 does not prevent users with at least the Author role from unserializing arbitrary content when importing sliders, potentially leading to Remote Code Execution.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Productos afectados
Unknown · Slider Revolution

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://wpscan.com/vulnerability/36ced447-84ea-4162-80d2-6df226cb53cb