CVE-2013-4338

EPSS 9.6%

wordpress - several

發布日:2013/9/12修改日:2026/5/27

描述

wp-includes/functions.php in WordPress before 3.6.1 does not properly determine whether data has been serialized, which allows remote attackers to execute arbitrary code by triggering erroneous PHP unserialize operations.

受影響套件(2)

Debian/wordpressfrom 0, < 3.6.1+dfsg-1
Debian/wordpressfrom 0, < 3.6.1+dfsg-1~deb6u1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-4338