Deserialization of Untrusted Data Vulnerability Affects Coupon Referral Program
CVE-2024-25100
9.8CRITICAL
What is CVE-2024-25100?
A security vulnerability exists in the WP Swings Coupon Referral Program due to improper handling of data deserialization. This issue allows attackers to exploit untrusted data inputs, potentially leading to unauthorized PHP object injection. Specifically, this vulnerability pertains to versions of the Coupon Referral Program ranging from an unspecified version up to 1.7.2, exposing users to risks that compromise the integrity and confidentiality of their web applications.
Affected Version(s)
Coupon Referral Program <= 1.7.2