This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: A critical PHP Object Injection flaw in the Woo Inquiry plugin. π **Consequences**: Attackers can inject malicious PHP objects via untrusted input in `_ultimate_store_kit_compare_products`.β¦
π― **Affected**: WordPress Plugin **Ultimate Store Kit** by **bdthemes**. π¦ **Version**: **1.6.4** and all previous versions. β οΈ **Component**: Specifically the `includes/helper.php` file.
Q4What can hackers do? (Privileges/Data)
π **Capabilities**: Full Remote Code Execution (RCE). π **Privileges**: Attackers gain **High** impact on Confidentiality, Integrity, and Availability (CVSS H:H:H).β¦
π **Threshold**: **LOW**. π **Access**: Network vector (AV:N), Low Complexity (AC:L), No Privileges Required (PR:N), No User Interaction (UI:N). Any visitor can trigger the exploit without logging in.
Q6Is there a public Exp? (PoC/Wild Exploitation)
π΅οΈ **Exploit Status**: Public references exist (WordFence, WP Trac). π **PoC**: While specific code isn't in the data, the vulnerability path (`helper.php` line 1103) is documented.β¦
π **Self-Check**: Scan for **Ultimate Store Kit** plugin version **β€ 1.6.4**. π **File Check**: Look for `_ultimate_store_kit_compare_products` in `wp-content/plugins/ultimate-store-kit/includes/helper.php`.β¦
π οΈ **Fix**: Yes, an official patch is available. π **Reference**: Revision **3135472** in the WordPress plugin trac. π **Action**: Update the plugin to the latest version immediately to patch the deserialization flaw.
Q9What if no patch? (Workaround)
π§ **Workaround**: If patching is delayed, disable the **Woo Inquiry** feature or the specific comparison function.β¦
π₯ **Priority**: **CRITICAL**. π¨ **Urgency**: Immediate action required. With CVSS High severity and no auth required, this is a prime target for automated bots. Patch now to prevent RCE.