ThreatPress

WordPress Vulnerabilities Database

Back

WordPress <= 3.6.0 - Arbitrary Code Execution

Product
WordPress
Description
Unsafe PHP unserialization in wp-includes/functions.php could cause arbitrary code execution.
Solution
Update the plugin.
Classification
Type Arbitrary Code Execution
References
CVE Mitre
CVE
Name CVE-2013-4338
Versions
Affected In <= 3.6.0
Fixed In 3.6.1
Disclosure date
2013-06-12