漏洞信息
WordPress is an open source blogging tool and content management system based on PHP and MySQL. It has many features including a plug-in architecture and a template system. The Welcart e-Commerce plugin assists you to build online shop system.
An unspecified PHP object injection vulnerability exists in the affected WordPress plugin versions that could allow an unauthenticated, remote attacker to execute arbitrary PHP code via crafted serialized data.
Versions Affected:
Welcart e-Commerce plugin prior to 1.8.3
漏洞危害
Successful exploitation allows remote, unauthenticated attackers to execute arbitrary PHP code on a targeted system.
解决方案
Customers are advised to upgrade to Welcart e-Commerce 1.8.3 or later versions to remediate this vulnerability.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论