Description
Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Keyword Link Multiple Cross-Site Scripting Vulnerabilities (1.7)
WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease Cross-Site Request Forgery (4.4.2)
WordPress Plugin MW WP Form Security Bypass (4.4.5)
GlassFish Use of Hard-coded Credentials Vulnerability (CVE-2018-14324)