Vulnerabilities > Automattic > Jetpack CRM > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-20 | CVE-2022-3342 | Deserialization of Untrusted Data vulnerability in Automattic Jetpack CRM The Jetpack CRM plugin for WordPress is vulnerable to PHAR deserialization via the ‘zbscrmcsvimpf’ parameter in the 'zeroBSCRM_CSVImporterLitehtml_app' function in versions up to, and including, 5.3.1. | 8.8 |