Filtered by vendor Nocean
Subscribe
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-24857 | 1 Nocean | 1 Totop Link | 2021-12-16 | 7.5 HIGH | 9.8 CRITICAL |
The ToTop Link WordPress plugin through 1.7.1 passes base64 encoded user input to the unserialize() PHP function, which could lead to PHP Object injection if a plugin installed on the blog has a suitable gadget chain. |