CVE-2023-6528

The Slider Revolution WordPress plugin before 6.6.19 does not prevent users with at least the Author role from unserializing arbitrary content when importing sliders, potentially leading to Remote Code Execution.
Configurations

Configuration 1 (hide)

cpe:2.3:a:themepunch:slider_revolution:*:*:*:*:*:wordpress:*:*

History

21 Nov 2024, 08:44

Type Values Removed Values Added
New CVE

Information

Published : 2024-01-08 19:15

Updated : 2024-11-21 08:44


NVD link : CVE-2023-6528

Mitre link : CVE-2023-6528

CVE.ORG link : CVE-2023-6528


JSON object : View

Products Affected

themepunch

  • slider_revolution
CWE
CWE-502

Deserialization of Untrusted Data