CVE-2017-18604

The sitebuilder-dynamic-components plugin through 1.0 for WordPress has PHP object injection via an AJAX request.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:sitebuilder_dynamic_components_project:sitebuilder_dynamic_components:*:*:*:*:*:wordpress:*:*

History

No history.

Information

Published : 2019-09-10 12:15

Updated : 2024-02-28 17:08


NVD link : CVE-2017-18604

Mitre link : CVE-2017-18604

CVE.ORG link : CVE-2017-18604


JSON object : View

Products Affected

sitebuilder_dynamic_components_project

  • sitebuilder_dynamic_components
CWE
CWE-502

Deserialization of Untrusted Data

CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')