VYPR
Unrated severityNVD Advisory· Published May 30, 2023· Updated Jan 10, 2025

Otter - Gutenberg Blocks < 2.2.6 - Author+ PHAR Deserialization

CVE-2023-2288

Description

The Otter WordPress plugin before 2.2.6 does not sanitize some user-controlled file paths before performing file operations on them. This leads to a PHAR deserialization vulnerability on PHP < 8.0 using the phar:// stream wrapper.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • WordPress/Otterdescription
  • Inedo/Otterllm-fuzzy
    Range: <2.2.6

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.