Lucene search
Robert RWPVDB-ID:4401D08C-A145-4BE3-8514-BA794038A6D4HistoryApr 27, 2017 - 12:00 a.m.
SiteBuilder Dynamic Components <= 1.0 - Unauthenticated PHP Object Injection
2017-04-2700:00:00
Robert R
wpscan.com
6
EPSS
0.001
Percentile
34.3%
The plugin sitebuilder-dynamic-components insecurely trusts serialized data submitted over AJAX requests. This opens up the site to a PHP object injection vulnerability potential exploit vector.
PoC
Attack is exploitable over AJAX calls sites with the sitebuilder-dynamic-components Plugin.
Related
prion
prion
Cross site request forgery (csrf)
2019-09-10 12:15:00
wpexploit
wpexploit
SiteBuilder Dynamic Components <= 1.0 - Unauthenticated PHP Object Injection
2017-04-27 00:00:00
nvd
nvd
CVE-2017-18604
2019-09-10 12:15:10
cvelist
cvelist
CVE-2017-18604
2019-09-10 11:08:36
cve
cve
CVE-2017-18604
2019-09-10 12:15:10