Weaver Xtreme Theme Support, CVE-2023-4971

CVE, Research URL: CVE-2023-4971
Home page URL: Security reports for Weaver Xtreme Theme Support
Application: Weaver Xtreme Theme Support
Published on: Oct 17, 2023
Research Description: The Weaver Xtreme Theme Support WordPress plugin before 6.3.1 unserialises the content of an imported file, which could lead to PHP object injections issues when a high privilege user import a malicious file and a suitable gadget chain is present on the blog.
Affected versions: Min -, max 6.3.1.
Status: vulnerable