Product

WooCommerce Infinite Scroll and Ajax Pagination <= 1.8

1 brief RSS

WooCommerce Infinite Scroll Plugin Vulnerable to PHP Object Injection (CVE-2025-11993)

The WooCommerce Infinite Scroll and Ajax Pagination plugin for WordPress is vulnerable to PHP Object Injection (CVE-2025-11993) due to deserialization of untrusted data in the 'import_settings' function, potentially leading to arbitrary code execution if a suitable POP chain is present.

WooCommerce Infinite Scroll and Ajax Pagination <= 1.8 php-object-injection wordpress woocommerce cve-2025-11993

2r 1t 1c 1d ago