PT-2024-23248 · Shapedplugin · Carousel+3
Hoanpk · Published 2024-04-10 · Updated 2024-04-10
CVE-2024-3020
CVSS v3.1: 7.2 (High)
| Vector | AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Plugin versions up to and including 2.6.3
Description
The affected plugins pass the shortcode parameter of their import function to PHP's unserialize() without validating it. An authenticated attacker with administrator-level access can therefore inject a PHP object (PHP Object Injection). On its own this only instantiates a class of the attacker's choosing; if a POP chain is present via another installed plugin or theme, the attacker can delete arbitrary files, retrieve sensitive data, or execute code.
Recommendations
For versions up to and including 2.6.3, update to a version that fixes the PHP Object Injection issue.
As a temporary workaround, restrict access to the import function and the shortcode parameter (for example, by disabling the import feature) until the update is applied. Note that the required privilege (PR:H) is an administrator account, which on a default single-site WordPress install can already install plugins and therefore run code; the issue matters most where administrators are not trusted with code execution, such as multisite installs or sites with DISALLOW_FILE_MODS set.
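The following is an added example, not code from the Shapedplugin plugins or from this advisory. It reproduces the pattern the description and recommendations refer to: an import handler that unserialize()s an attacker-controlled shortcode parameter, shown beside two hardened forms. The LogFlusher gadget class, the vulnerable_import / hardened_import_legacy / hardened_import functions, the request shape and the payload are all assumptions for illustration; the gadget stands in for whatever POP chain a third-party plugin or theme might provide.

```php
<?php
// Added example, not code from the Shapedplugin plugins. It reproduces the
// pattern the advisory describes: an import handler that unserialize()s the
// attacker-controlled `shortcode` parameter. Class and function names here
// (LogFlusher, vulnerable_import, hardened_import, ...) are hypothetical.

// Hypothetical gadget standing in for a class that another plugin or theme
// might ship. Nothing in the import code references it; it only has to be
// loadable when unserialize() sees its name. Its __destruct runs as soon as
// the injected object is released, with properties the attacker chose.
class LogFlusher
{
    public $path;
    public $lines = [];

    public function __destruct()
    {
        // The attacker controls both the path and the content. A real gadget
        // might call unlink() or eval() instead; a write is enough to show it ran.
        if ($this->path !== null) {
            file_put_contents($this->path, implode("\n", $this->lines) . "\n", FILE_APPEND);
        }
    }
}

// Vulnerable pattern: untrusted request data is handed straight to unserialize(),
// which instantiates whatever class name the payload names.
function vulnerable_import(array $request): array
{
    $settings = unserialize($request['shortcode'] ?? '');
    return is_array($settings) ? $settings : [];
    // $settings is released on return; if it is a gadget, its destructor fires then.
}

// Hardened pattern when the serialized format must stay: refuse every class.
// Objects in the payload become __PHP_Incomplete_Class, which has no methods to run.
function hardened_import_legacy(array $request): array
{
    $settings = @unserialize($request['shortcode'] ?? '', ['allowed_classes' => false]);
    if (!is_array($settings) || contains_object($settings)) {
        return [];
    }
    return $settings;
}

// Preferred fix: carry settings as JSON, which has no notion of PHP classes.
function hardened_import(array $request): array
{
    $settings = json_decode($request['shortcode'] ?? '', true, 16);
    return is_array($settings) ? $settings : [];
}

// Reject arrays that smuggle (incomplete) objects at any depth.
function contains_object(array $value): bool
{
    foreach ($value as $item) {
        if (is_object($item) || (is_array($item) && contains_object($item))) {
            return true;
        }
    }
    return false;
}

// --- Demonstration with a constructed payload -------------------------------

// PHP serialized string literal: s:<len>:"<bytes>"
function php_str(string $s): string
{
    return 's:' . strlen($s) . ':"' . $s . '"';
}

$marker = sys_get_temp_dir() . '/poi_demo_' . getmypid() . '.txt';

// The payload is built as text, exactly as it would arrive in the request; building
// it with serialize() on a live object would already run the destructor locally.
$payload = 'O:10:"LogFlusher":2:{'
    . 's:4:"path";' . php_str($marker) . ';'
    . 's:5:"lines";a:1:{i:0;' . php_str('written by attacker-controlled __destruct') . ';}'
    . '}';

$result = vulnerable_import(['shortcode' => $payload]);
echo "vulnerable_import: returned ", count($result), " settings, gadget file exists: ",
    var_export(file_exists($marker), true), "\n";
@unlink($marker);

$result = hardened_import_legacy(['shortcode' => $payload]);
echo "hardened_import_legacy: returned ", count($result), " settings, gadget file exists: ",
    var_export(file_exists($marker), true), "\n";

$result = hardened_import(['shortcode' => $payload]);
echo "hardened_import (JSON, payload): returned ", count($result), " settings\n";

$result = hardened_import(['shortcode' => json_encode(['slides' => 3, 'autoplay' => true])]);
echo "hardened_import (JSON, legitimate): returned ", count($result), " settings\n";
```

Run it with the PHP CLI. The vulnerable handler never touches the gadget's properties, yet the destructor still runs and writes the marker file, which is the whole point of PHP Object Injection: the damage is done by whatever class the payload names, not by the importing code. The allowed_classes => false option is the smallest change for code that cannot drop the serialized format; moving the import format to JSON removes the class of bug. In a WordPress handler the usual current_user_can() and check_admin_referer() gates still belong in front of the import, but they do not address this finding, since the attacker the advisory describes already holds an administrator account.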
Weakness Enumeration
Deserialization of Untrusted Data (CWE-502)
Related Identifiers
CVE-2024-3020
Affected Products
Carousel
Logo Carousel
Post Grid
Product Slider For Woocommerce