PT-2024-24910 · Webtoffee · Webtoffee Import Export Wordpress Users

Trình Vũ

Published

2024-04-24

Updated

2024-04-24

CVE-2024-32835

CVSS v3.1

5.4

Medium

Vector

AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions WebToffee Import Export WordPress Users versions 2.5.3 and earlier

Description The issue is related to the deserialization of untrusted data. This can potentially lead to security issues when untrusted data is processed by the WebToffee Import Export WordPress Users plugin.

Recommendations For versions 2.5.3 and earlier, update to a version that contains a fix for this issue, if available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Deserialization of Untrusted Data

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-502

Related Identifiers

CVE-2024-32835

Affected Products

Webtoffee Import Export Wordpress Users

PT-2024-24910 · Webtoffee · Webtoffee Import Export Wordpress Users

CVE-2024-32835

Weakness Enumeration

Related Identifiers

Affected Products

References · 3