PT-2019-8536 · WordPress · Gravitate-Qa-Tracker

Published

2019-09-10

Updated

2019-09-10

CVE-2017-18605

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions gravitate-qa-tracker plugin versions 1.2.1 and earlier

Description The issue concerns PHP Object Injection in the gravitate-qa-tracker plugin for WordPress.

Recommendations For versions 1.2.1 and earlier, update to a version that fixes the PHP Object Injection issue.

Fix

Special Elements Injection

Deserialization of Untrusted Data

Found an issue in the description? Have something to add? Feel free to write us 👾

CVE-2017-18605

Gravitate-Qa-Tracker