← Voltar para CVEs
CVE-2023-6528
HIGH8.8
Descricao
The Slider Revolution WordPress plugin before 6.6.19 does not prevent users with at least the Author role from unserializing arbitrary content when importing sliders, potentially leading to Remote Code Execution.
Detalhes CVE
Pontuacao CVSS v3.18.8
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosLOW
Interacao do usuarioNONE
Publicado1/8/2024
Ultima modificacao6/3/2025
Fontenvd
Avistamentos honeypot0
Produtos afetados
themepunch:slider_revolution
Fraquezas (CWE)
CWE-502
Referencias
https://wpscan.com/vulnerability/36ced447-84ea-4162-80d2-6df226cb53cb(contact@wpscan.com)
https://wpscan.com/vulnerability/36ced447-84ea-4162-80d2-6df226cb53cb(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.