Vulnerability CVE-2023-1347
Published: 2023-05-08

Description:
The Customizer Export/Import WordPress plugin before 0.9.6 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present

Type:

CWE-502

 (Deserialization of Untrusted Data)

 References:
https://wpscan.com/vulnerability/356a5977-c90c-4fc6-98ed-032d5b27f272
Copyright 2026, cxsecurity.com

 

Back to Top