Description
The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates.
Remediation
References
Related Vulnerabilities
WordPress Plugin Favicon by RealFaviconGenerator Unspecified Vulnerability (1.2.13)
WebLogic CVE-2017-10352 Vulnerability (CVE-2017-10352)
WordPress Plugin Divi Builder Arbitrary File Upload (4.5.2)
Twisted Web HTTP Server Improper Certificate Validation Vulnerability (CVE-2019-12855)
WordPress Plugin Tutor LMS-eLearning and online course solution Cross-Site Scripting (1.9.14)