Unrated severityNVD Advisory· Published Dec 12, 2022· Updated Apr 22, 2025
Shortcodes and extra features for Phlox theme < 2.10.7 - PHP Objection Injection
CVE-2022-3359
Description
The Shortcodes and extra features for Phlox theme WordPress plugin before 2.10.7 unserializes the content of an imported file, which could lead to PHP object injection when a user imports (intentionally or not) a malicious file and a suitable gadget chain is present on the blog.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Shortcodes and extra features for Phlox themedescription
- Range: <2.10.7
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/08f3ce22-94a0-496a-aaf9-d35b6b0f5bb6mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.