Kadence WooCommerce Email Designer, CVE-2022-3335

CVE, Research URL: CVE-2022-3335
Home page URL: Security reports for Kadence WooCommerce Email Designer
Application: Kadence WooCommerce Email Designer
Published on: Oct 25, 2022
Research Description: The Kadence WooCommerce Email Designer WordPress plugin before 1.5.7 unserialises the content of an imported file, which could lead to PHP object injections issues when an admin import (intentionally or not) a malicious file and a suitable gadget chain is present on the blog.
Affected versions: Min -, max 1.5.12.
Status: vulnerable