Skip to main content

Carts Guru

1 CVEs product

Monthly

CVE-2019-12241 CRITICAL POC Act Now

The Carts Guru plugin 1.4.5 for WordPress allows Insecure Deserialization via a cartsguru-source cookie to classes/wc-cartsguru-event-handler.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP WordPress Deserialization Carts Guru
NVD
CVSS 3.0
9.8
EPSS
2.3%
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

The Carts Guru plugin 1.4.5 for WordPress allows Insecure Deserialization via a cartsguru-source cookie to classes/wc-cartsguru-event-handler.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP WordPress Deserialization +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy