The Kadence WooCommerce Email Designer WordPress plugin before 1.5.7 unserialises the content of an imported file, which could lead to PHP object injections issues when an admin import (intentionally or not) a malicious file and a suitable gadget chain is present on the blog.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: WPScan
Published: 2022-10-25T00:00:00
Updated: 2024-08-03T01:07:06.557Z
Reserved: 2022-09-27T00:00:00
Link: CVE-2022-3335
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-10-25T17:15:57.033
Modified: 2022-10-26T01:41:26.360
Link: CVE-2022-3335
Redhat
No data.