CVE Vulnerabilities

CVE-2022-4043

Published: Jan 09, 2023 | Modified: Nov 07, 2023
CVSS 3.x
7.2
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

The WP Custom Admin Interface WordPress plugin before 7.29 unserialize user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present.

Affected Software

Name Vendor Start Version End Version
Wp_custom_admin_interface Wp_custom_admin_interface_project * 7.29 (excluding)

References