CVE-2022-4327 (anti-malware_security_and_brute-force_firewall)

The Anti-Malware Security and Brute-Force Firewall WordPress plugin through 4.21.85 is prone to a PHP Object Injection vulnerability due to the unsafe use of unserialize() function. A potential attacker, authenticated as high privilege user could exploit this vulnerability by sending specially crafted requests to the web application containing malicious serialized input.

anti-malware application brute brute-force cve exploit firewall function high injection input malicious malware malware security object php plugin privilege requests security the web vulnerability web web application wordpress wordpress plugin