Vulnerability CVE-2022-3425


Published: 2023-01-23

Description:
The Analyticator WordPress plugin before 6.5.6 unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present.

Type:

CWE-502

(Deserialization of Untrusted Data)

 References:
https://wpscan.com/vulnerability/df1c36bb-9861-4272-89c9-ae76e62f687c

Copyright 2026, cxsecurity.com

 

Back to Top