CVE-2023-52200

WordPress ARMember Plugin <= 4.0.22 is vulnerable to Cross Site Request Forgery (CSRF) leading to PHP Object Injection

CVSS 9.6 CRITICALEPSS 0.3%CWE-352 CWE-502

Cross-Site Request Forgery (CSRF), Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup.This issue affects ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup: n/a.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Produtos afetados

Repute Infosystems · ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://patchstack.com/database/vulnerability/armember-membership/wordpress-armember-lite-plugin-4-0-22-cross-site-request-forgery-csrf-to-php-object-injection-vulnerability?_s_id=cve