ThreatPress

WordPress Vulnerabilities Database

Back

WordPress MarketPress plugin <=3.2.6 - PHP Object Injection vulnerability

Product
MarketPress – WordPress eCommerce
Description
PHP Object Injection vulnerability found by Robert R in WordPress MarketPress plugin (versions <=3.2.6 ).
Solution
Update the WordPress MarketPress plugin to the latest available version (at least 3.2.7).
Classification
Type Direct static code injection
OWASP Top 10 A1: Injection
References
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <= 3.2.6
Fixed In 3.2.7
Disclosure date
2017-09-28
Credits
Robert R
Submitter
ThreatPress