CVE-2026-1235
The WP eCommerce WordPress plugin through 3.15.1 unserializes user input via ajax actions, which could allow unauthenticated users to perform PHP Object Injection when a suitable gadget is present on the blog.
Vendor
-
Product
-
CWE
Yayın Tarihi
2026-02-11 06:15:51
Güncelleme
2026-02-11 16:16:03
Source Identifier
contact@wpscan.com
KEV Date Added
-