WordPress File Manager Plugin <= 5.2.7 is vulnerable to PHP Object Injection
CVE-2022-47599
5.5MEDIUM
Key Information:
- Vendor
- WordPress
- Vendor
- CVE Published:
- 20 December 2023
Summary
Deserialization of Untrusted Data vulnerability in File Manager by Bit Form Team File Manager – 100% Free & Open Source File Manager Plugin for WordPress | Bit File Manager.This issue affects File Manager – 100% Free & Open Source File Manager Plugin for WordPress | Bit File Manager: from n/a through 5.2.7.
Affected Version(s)
File Manager – 100% Free & Open Source File Manager Plugin for WordPress | Bit File Manager <= 5.2.7
References
CVSS V3.1
Score:
5.5
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved
Credit
rezaduty (Patchstack Alliance)