CVE-2021-4451 - "NinjaFirewall WordPress Authenticated PHAR Deserialization Vulnerability"

1 month ago 14
ARTICLE AD BOX
CVE ID : CVE-2021-4451
Published : Oct. 16, 2024, 7:15 a.m. | 24 minutes ago
Description : The NinjaFirewall plugin for WordPress is vulnerable to Authenticated PHAR Deserialization in versions up to, and including, 4.3.3. This allows authenticated attackers to perform phar deserialization on the server. This deserialization can allow other plugin or theme exploits if vulnerable software is present (WordPress, and NinjaFirewall).
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Read Entire Article