CVE-2022-3425

Description

The Analyticator WordPress plugin before 6.5.6 unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present.

Related CPE's

a sumo google_analyticator *****wordpress **

References

https://wpscan.com/vulnerability/df1c36bb-9861-4272-89c9-ae76e62f687c

ExploitThird Party Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics

Created by Yello

About Severity.io