Description
The Repositories component in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote attackers to conduct PHP object injection attacks and execute arbitrary code via serialized data associated with an add-on.
Remediation
References
Related Vulnerabilities
WordPress Plugin WordPress for Google Maps-WP MAPS Cross-Site Request Forgery (4.0.9)
WordPress Plugin Duplicator-WordPress Migration Arbitrary File Disclosure (0.3.0)
WordPress Plugin Elementor Website Builder Multiple Cross-Site Scripting Vulnerabilities (3.1.1)
Oracle JRE CVE-2013-2407 Vulnerability (CVE-2013-2407)
Python Integer Overflow or Wraparound Vulnerability (CVE-2008-1679)