CVE-2013-4338

wp-includes/functions.php in WordPress before 3.6.1 does not properly determine whether data has been serialized, which allows remote attackers to execute arbitrary code by triggering erroneous PHP unserialize operations.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

Information

Published : 2013-09-12 06:28

Updated : 2013-10-01 21:29


NVD link : CVE-2013-4338

Mitre link : CVE-2013-4338


JSON object : View

CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')

Advertisement

dedicated server usa

Products Affected

wordpress

  • wordpress