CNNVD-202508-2993 Information
CNNVD ID
CNNVD-202508-2993
Related CVE
- CNNVD Published: 2025-08-25
Description (Chinese)
Adminer是Adminer开源的一个 WordPress 插件。允许 WordPress 管理员快速进行数据库管理。 Adminer 4.8.1版本存在安全漏洞,该漏洞源于使用Monolog记录日志时处理特制序列化有效载荷不当,可能导致PHP对象注入和拒绝服务攻击。
Description (English)
Adminer is a WordPress plugin from Adminer Open Source. Allows WordPress administrator to quickly manage the database. There is a security loophole in version 4.8.1 of Adminer, which stems from the inappropriate handling of specially created serialized payloads using Monolog logs, which may result in PHP objects being injected and denied service attacks.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Adminer
Published
2025-08-25
Last Modified
2026-02-24
References
https://www.adminer.org https://github.com/vrana/adminer/compare/v4.8.1…v4.8.2 https://github.com/far00t01/CVE-2025-43960 https://github.com/Seldaek/monolog https://nvd.nist.gov/vuln/detail/CVE-2025-43960 https://vigilance.fr/vulnerability/Adminer-denial-of-service-via-Monolog-48057
Patch
https://www.adminer.org/en/#download
Share on: