Insecure Deserialization Vulnerability in Carts Guru Plugin for WordPress

Insecure Deserialization Vulnerability in Carts Guru Plugin for WordPress

CVE-2019-12241 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The Carts Guru plugin 1.4.5 for WordPress allows Insecure Deserialization via a cartsguru-source cookie to classes/wc-cartsguru-event-handler.php.

Learn more about our Wordpress Pen Testing.