Vulnerability CVE-2022-3359


Published: 2022-12-12

Description:
The Shortcodes and extra features for Phlox WordPress plugin through 2.10.5 unserializes the content of an imported file, which could lead to PHP object injection when a user imports (intentionally or not) a malicious file and a suitable gadget chain is present on the blog.

Type:

CWE-502

(Deserialization of Untrusted Data)

 References:
https://wpscan.com/vulnerability/08f3ce22-94a0-496a-aaf9-d35b6b0f5bb6

Copyright 2026, cxsecurity.com

 

Back to Top