The Easy Digital Downloads – Simple eCommerce for Selling Digital Files plugin for WordPress is vulnerable to deserialization of untrusted input via the upload[file] parameter in versions up to, and including 3.3.3. This makes it possible for authenticated administrative users to call files using a PHAR wrapper, that will deserialize and call arbitrary PHP Objects that can be used to perform a variety of malicious actions granted a POP chain is also present.
The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Easy_digital_downloads | Awesomemotive | * | 3.3.4 (excluding) |