RSS   Vulnerabilities for 'Totop link'   RSS

2021-12-13
 
CVE-2021-24857

CWE-502
 

 
The ToTop Link WordPress plugin through 1.7.1 passes base64 encoded user input to the unserialize() PHP function, which could lead to PHP Object injection if a plugin installed on the blog has a suitable gadget chain.

 


Copyright 2024, cxsecurity.com

 

Back to Top