ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Category Order and Taxonomy Terms Order plugin <=1.5.2.2 - Authenticated PHP Object Injection vulnerability

Product
Category Order and Taxonomy Terms Order
Description
Authenticated PHP Object Injection vulnerability found in WordPress Category Order and Taxonomy Terms Order plugin (versions <=1.5.2.2).
Solution
Update the WordPress Category Order and Taxonomy Terms Order plugin to the latest available version (at least 1.5.3).
Classification
Type PHP Object Injection
OWASP Top 10 A1: Injection
References
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <=1.5.2.2
Fixed In 1.5.3
Disclosure date
2018-03-02
Submitter
ThreatPress