Description
It was determined that your web application is performing PHP object deserialization of user-supplied data. Arbitrary object deserialization is inherently unsafe, and should never be performed on untrusted data. Consult Web references section for more information about this issue.
Remediation
PHP object deserialization should not be performed on user-supplied data. Do not use the unserialize() function with user-supplied input, use JSON functions instead.
References
Related Vulnerabilities
WordPress Plugin WP Image Zoom Denial of Service (1.23)
WordPress Plugin JS Help Desk (formerly JS Support Ticket) SQL Injection (2.1.0)
WordPress Plugin Build App Online SQL Injection (1.0.18)
WordPress Plugin Events Manager Extended 'admin.php' SQL Injection (3.1.2)
WordPress Plugin WP Bannerize 'ajax_sorter.php' SQL Injection (2.8.7)