The Weaver Xtreme Theme Support WordPress plugin before 6.3.1 unserialises the content of an imported file, which could lead to PHP object injections issues when a high privilege user import a malicious file and a suitable gadget chain is present on the blog.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: WPScan
Published: 2023-10-16T19:38:52.844Z
Updated: 2024-08-02T07:44:53.504Z
Reserved: 2023-09-14T18:46:15.120Z
Link: CVE-2023-4971
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-10-16T20:15:17.403
Modified: 2024-11-21T08:36:22.500
Link: CVE-2023-4971
Redhat
No data.