WordPress Plugin Vulnerabilities
SiteBuilder Dynamic Components <= 1.0 - Unauthenticated PHP Object Injection
Description
The plugin insecurely trusts serialized data submitted over AJAX requests. This opens up the site to a PHP object injection vulnerability potential exploit vector.
Proof of Concept
Affects Plugins
No known fix References
CVE
Classification
Type
OBJECT INJECTION
OWASP top 10
CWE
CVSS
Miscellaneous
Submitter
Robert R
Submitter website
Submitter twitter
Verified
No
WPVDB ID
Timeline
Publicly Published
2017-04-27 (about 8 years ago)
Added
2017-05-21 (about 8 years ago)
Last Updated
2024-10-17 (about 1 year ago)
WPScan 