
Pham Nguyen Khoa

#30036 of 53,640
8.8 CVSS total
Vulnerabilities · 1
PT-2025-29313
8.8
2025-07-12
WordPress · Friends Plugin For Wordpress · CVE-2025-7504
Name of the Vulnerable Software and Affected Versions: Friends plugin for WordPress version 3.5.1

Description: The Friends plugin for WordPress is vulnerable to PHP Object Injection via deserialization of untrusted input of the `query vars` parameter. This allows authenticated attackers with subscriber-level access or higher to inject a PHP Object. The vulnerability has no impact unless another plugin or theme containing a PHP Object Payload (POP) chain is installed on the site. If a POP chain is present, an attacker may be able to perform actions such as deleting arbitrary files, retrieving sensitive data, or executing code. Exploitation requires access to the site's `SALT NONCE` and `SALT KEY`.

Recommendations: Update to a newer version of the Friends plugin for WordPress that addresses this issue.