Md Yeasin Ul Haider URL Shortener
Easy fix1 remedy
cpe:2.3:a:url_shortener_project:url_shortener:*:*:*:*:*:*:*
Easy fix1 remedy
- <= 3.0.7
WordPress URL Shortener PHP Object Injection Vulnerability
Vulnerability
A deserialization vulnerability allowing object injection has been identified in the WordPress URL Shortener plugin, affecting versions through 3.0.7. This vulnerability could lead to various types of code injection, including SQL injection, path traversal, and denial-of-service, if exploited within a suitable context.
Impact
Exploitation of this vulnerability could allow for PHP object injection, potentially leading to arbitrary code execution, SQL injection, path traversal, denial-of-service, and other impacts, depending on the presence of a suitable payload chain.
Remediation
Users of the WordPress URL Shortener plugin are advised to update to version 3.0.8 or later, where this vulnerability has been addressed. For those unable to update immediately, Patchstack offers a virtual patch that can be applied to mitigate the vulnerability until an official update is available.
Added: Jul 16, 2025, 2:37 PM
Updated: Jul 16, 2025, 5:18 PM
Vulnerability Rating
Custom Algorithm
spread
0.0impact
10.0exploitability
4.7remediation
7.9relevance
0.3threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.