The Better Search Replace plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.4 via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.
References
Configurations
History
21 Nov 2024, 08:44
Type | Values Removed | Values Added |
---|---|---|
References | () https://plugins.trac.wordpress.org/browser/better-search-replace/trunk/includes/class-bsr-db.php#L334 - Exploit | |
References | () https://plugins.trac.wordpress.org/changeset/3023674/better-search-replace/trunk/includes/class-bsr-db.php - Patch | |
References | () https://www.wordfence.com/threat-intel/vulnerabilities/id/895f2db1-a2ed-4a17-a4f6-cd13ee8f84af?source=cve - Third Party Advisory |
14 Feb 2024, 21:30
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
CWE | CWE-502 | |
First Time |
Wpengine
Wpengine better Search Replace |
|
CPE | cpe:2.3:a:wpengine:better_search_replace:*:*:*:*:*:wordpress:*:* | |
References | () https://plugins.trac.wordpress.org/browser/better-search-replace/trunk/includes/class-bsr-db.php#L334 - Exploit | |
References | () https://plugins.trac.wordpress.org/changeset/3023674/better-search-replace/trunk/includes/class-bsr-db.php - Patch | |
References | () https://www.wordfence.com/threat-intel/vulnerabilities/id/895f2db1-a2ed-4a17-a4f6-cd13ee8f84af?source=cve - Third Party Advisory |
05 Feb 2024, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-02-05 22:15
Updated : 2024-11-21 08:44
NVD link : CVE-2023-6933
Mitre link : CVE-2023-6933
CVE.ORG link : CVE-2023-6933
JSON object : View
Products Affected
wpengine
- better_search_replace
CWE
CWE-502
Deserialization of Untrusted Data