CVE-2017-18605

CRITICAL

Gravitate-qa-tracker <1.2.1 - Code Injection

Title source: llm

Description

The gravitate-qa-tracker plugin through 1.2.1 for WordPress has PHP Object Injection.

References (2)

Scores

CVSS v3 9.8
EPSS 0.0126
EPSS Percentile 79.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE
CWE-502 CWE-74
Status published

Affected Products (1)

gravitatedesign/gravitate_qa_tracker < 1.2.1

Timeline

Published Sep 10, 2019
Tracked Since Feb 18, 2026