Description
The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information, cause a denial of service (application crash), or possibly execute arbitrary code via an unexpected data type, related to a "type confusion" issue.
Remediation
References
Related Vulnerabilities
WebLogic CVE-2023-22040 Vulnerability (CVE-2023-22040)
MySQL CVE-2020-14848 Vulnerability (CVE-2020-14848)
WordPress Plugin VaultPress Man-in-The-Middle (MiTM) Remote Code Execution (1.8.6)
WordPress Plugin Bulk Datetime Change Security Bypass (1.11)
WordPress Plugin Automated Editor Cross-Site Scripting (1.3)