Lucene search

[email protected]NVD:CVE-2024-5649

HistoryJun 19, 2024 - 4:15 a.m.

CVE-2024-5649

2024-06-1904:15:13

CWE-502

[email protected]

web.nvd.nist.gov

universal slider

wordpress

php object injection

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

20.0%

JSON

The Universal Slider plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.6.5 via deserialization of untrusted input ‘fsl_get_gallery_value’ function. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.

Affected configurations

Nvd

Node

webhuntinfotechuniversal_sliderRange≤1.6.5wordpress

VendorProductVersionCPE
webhuntinfotechuniversal_slider*cpe:2.3:a:webhuntinfotech:universal_slider:*:*:*:*:*:wordpress:*:*

Vendor	Product	Version	CPE
webhuntinfotech	universal_slider	*	cpe:2.3:a:webhuntinfotech:universal_slider::::::wordpress::*

References

plugins.trac.wordpress.org/browser/fusion-slider/trunk/fusion-slider.php#L692

www.wordfence.com/threat-intel/vulnerabilities/id/8f8bd107-5459-4093-8593-deedec6ffcd6?source=cve

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

20.0%

JSON

Related for NVD:CVE-2024-5649

cvelist1 cve1 vulnrichment1 wordfence1