The SEOPress WordPress plugin before 6.5.0.3 unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: WPScan
Published: 2023-05-02T07:04:55.190Z
Updated: 2024-08-02T05:57:24.871Z
Reserved: 2023-03-28T10:05:02.936Z
Link: CVE-2023-1669
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-05-02T08:15:10.180
Modified: 2024-11-21T07:39:39.457
Link: CVE-2023-1669
Redhat
No data.