| |
Vulnerability CVE-2022-3417
Published: 2023-01-09 Modified: 2023-01-10
| Description: |
The WPtouch WordPress plugin before 4.3.45 unserialises the content of an imported settings file, which could lead to PHP object injections issues when an user import (intentionally or not) a malicious settings file and a suitable gadget chain is present on the blog. |
Type:
CWE-502 (Deserialization of Untrusted Data)
References: |
https://wpscan.com/vulnerability/55772932-eebd-475b-b5df-e80fab288ee5
|
|
|
Copyright 2026, cxsecurity.com
|
|
|
