CVE-2018-15576

Name of the Vulnerable Software and Affected Versions EasyLogin Pro versions prior to 1.3.1

Description An issue was discovered in EasyLogin Pro where the Encryptor.php file contains an unserialize call that can be exploited for remote code execution in the decrypt function. This can happen if the attacker knows the key.

Recommendations For versions prior to 1.3.1, update to version 1.3.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the decrypt function in Encryptor.php until a patch is available.