Unrated severityNVD Advisory· Published May 30, 2023· Updated Jan 10, 2025
Otter - Gutenberg Blocks < 2.2.6 - Author+ PHAR Deserialization
CVE-2023-2288
Description
The Otter WordPress plugin before 2.2.6 does not sanitize some user-controlled file paths before performing file operations on them. This leads to a PHAR deserialization vulnerability on PHP < 8.0 using the phar:// stream wrapper.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Otterdescription
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/93acb4ee-1053-48e1-8b69-c09dc3b2f302mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.