Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Vimeography: Vimeo Video Gallery WordPress Plugin 2.3.2

  • Severity: high-risk
  • Status: Fixed
  • Publication: March 4, 2024

The Vimeography plugin for WordPress is at risk of being hacked. This can happen because of a vulnerability called PHP Object Injection, which is present in all versions up to and including 2.3.2. This vulnerability allows attackers who have contributor access or higher to inject a type of code called PHP Object. This can be dangerous because it could potentially allow the attacker to delete files, access private information, or run their own code. The plugin itself does not have any protection against this, but if another plugin or theme on the website also has this vulnerability, it could make the situation even worse.

Detected in:

Vimeography: Vimeo Video Gallery WordPress Plugin fixed vulnerable versions: >= * <= 2.3.2

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.