Vulnerabilities > Automattic > Jetpack CRM > High

DATE CVE VULNERABILITY TITLE RISK
2023-10-20 CVE-2022-3342 Deserialization of Untrusted Data vulnerability in Automattic Jetpack CRM
The Jetpack CRM plugin for WordPress is vulnerable to PHAR deserialization via the ‘zbscrmcsvimpf’ parameter in the 'zeroBSCRM_CSVImporterLitehtml_app' function in versions up to, and including, 5.3.1.
network
low complexity
automattic CWE-502
8.8