High severity7.2NVD Advisory· Published Oct 31, 2022· Updated Jun 17, 2026
CVE-2022-3380
CVE-2022-3380
Description
The Customizer Export/Import WordPress plugin before 0.9.5 unserializes the content of an imported file, which could lead to PHP object injection issues when an admin imports (intentionally or not) a malicious file and a suitable gadget chain is present on the blog.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Customizer Export/Importdescription
- Range: <0.9.5
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/a42272a2-f9ce-4aab-9a94-8a4d85008746nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.