Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
WordPress Plugin Essential Blocks Pro Multiple PHP Object Injection Vulnerabilities - CVE-2023-4386 - Vulnerability Database
WP Plugin Essential Blocks Pro

WordPress Plugin Essential Blocks Pro Multiple PHP Object Injection Vulnerabilities - CVE-2023-4386

High
Reference: CVE-2023-4386
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2023-4386
Title: WordPress Plugin Essential Blocks Pro Multiple PHP Object Injection Vulnerabilities
Overview:

WordPress Plugin Essential Blocks Pro is prone to multiple vulnerabilities that lets remote attackers inject and execute arbitrary code because the application fails to sanitize user-supplied input before being passed to the unserialize() PHP function. Attackers can possibly exploit these issues to execute arbitrary PHP code within the context of the affected webserver process. WordPress Plugin Essential Blocks Pro version 1.1.0 is vulnerable prior versions may also be affected.