Vulnerabilità Plugin WordPress (qui per esteso) fonte: NIST CVES
AnalyticsWP CM FAQ – Simplify support with an intuitive FAQ management tool Civi - Job Board & Freelance Marketplace WordPress Theme DethemeKit for Elementor Directory Listings WordPress Download Manager WordPress GDPR Cookie Compliance WordPress GiveWP – Donation InstaWP Connect – 1-click WP Staging & Migration LoginPress | wp-login Custom Login Page Customizer Omnipress Poll Maker WordPress Portfolio and Projects Realteo - Real Estate School Management System – WPSchoolPress Search & Filter Pro ShareThis Dashboard for Google Analytics SoundRise Music Thumbnail carousel slider Tripetto VidoRev Extensions WC Affiliate – A Complete WooCommerce Affiliate WP Ghost (Hide My WP Ghost) – Security & Firewall WP JobHunt WP Test Email WP01 WPCOM Member WordPress form builder Zoorum Comments all versions up to, and including, 4.19.0 via deserialization of untrusted input in the 'add_ciyashop_wishlist' and 'ciyashop_get_compare' functions. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another pixelstats
