Ocdi: >> One Click Demo Import >> 1.1.2 Security Vulnerabilities
Deserialization of Untrusted Data vulnerability in OCDI One Click Demo Import.This issue affects One Click Demo Import: from n/a through 3.2.0.
CVSS Score
4.4
EPSS Score
0.003
Published
2024-05-14
The One Click Demo Import WordPress plugin before 3.1.0 does not validate the imported file, allowing high privilege users such as admin to upload arbitrary files (such as PHP) even when FILE_MODS and FILE_EDIT are disallowed
CVSS Score
7.2
EPSS Score
0.012
Published
2022-04-11