WordPress is an open publishing platform for the Web. Unserialization of instances of the `WP_HTML_Token` class allows for code execution via its `__destruct()` magic method. This issue was fixed in WordPress 6.4.2 on December 6th, 2023. Versions prior to 6.4.0 are not affected.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-04-04T23:00:17.782Z
Updated: 2024-06-04T17:36:13.480Z
Reserved: 2024-03-29T14:16:31.900Z
Link: CVE-2024-31211
JSON object: View
NVD Information
Status : Awaiting Analysis
Published: 2024-04-04T23:15:16.333
Modified: 2024-04-05T12:40:52.763
Link: CVE-2024-31211
JSON object: View
Redhat Information
No data.
CWE