CVE-2024-39630Deserialization of Untrusted Data in Timetable AND Event Schedule

CWE-502Deserialization of Untrusted Data3 documents3 sources
Severity
5.5MEDIUMNVD
EPSS
0.2%
top 62.74%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Motopress Timetable AND Event Schedule
Timeline
PublishedAug 1

Description

Deserialization of Untrusted Data vulnerability in MotoPress Timetable and Event Schedule allows Object Injection.This issue affects Timetable and Event Schedule: from n/a through 2.4.13.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:LExploitability: 1.3 | Impact: 3.7

Affected Packages1 packages

CVEListV5motopress/timetable_and_event_schedulen/a2.4.13

🔴Vulnerability Details

2
CVEList
WordPress Timetable and Event Schedule by MotoPress plugin <= 2.4.13 - PHP Object Injection vulnerability2024-08-01
GHSA
GHSA-xhpv-xmqr-mf62: Deserialization of Untrusted Data vulnerability in MotoPress Timetable and Event Schedule allows Object Injection2024-08-01
CVE-2024-39630 — Deserialization of Untrusted Data | cvebase