{"api_version":"1","generated_at":"2026-04-11T04:56:19+00:00","cve":"CVE-2024-1858","urls":{"html":"https://cve.report/CVE-2024-1858","api":"https://cve.report/api/cve/CVE-2024-1858.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2024-1858","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2024-1858"},"summary":{"title":"Lightbox slider – Responsive Lightbox Gallery <= 1.9.9 - Authenticated (Contributor+) PHP Object Injection","description":"The Lightbox slider – Responsive Lightbox Gallery plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.9.9 via deserialization of untrusted input through post meta data. This makes it possible for authenticated attackers, with contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.","state":"PUBLISHED","assigner":"Wordfence","published_at":"2024-03-29 07:15:42","updated_at":"2026-04-08 18:20:52"},"problem_types":["CWE-502","CWE-502 CWE-502 Deserialization of Untrusted Data"],"metrics":[{"version":"3.1","source":"security@wordfence.com","type":"Secondary","score":"5.4","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"}},{"version":"3.1","source":"CNA","type":"DECLARED","score":"5.4","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","data":{"baseScore":5.4,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","version":"3.1"}}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/simple-lightbox-gallery/trunk/simple-lightbox-slider-shortcode.php#L82","name":"https://plugins.trac.wordpress.org/browser/simple-lightbox-gallery/trunk/simple-lightbox-slider-shortcode.php#L82","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/540b2888-16fe-4791-8d08-f7772f71d511?source=cve","name":"https://www.wordfence.com/threat-intel/vulnerabilities/id/540b2888-16fe-4791-8d08-f7772f71d511?source=cve","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://plugins.trac.wordpress.org/changeset/3080113/simple-lightbox-gallery/trunk/simple-lightbox-slider-shortcode.php","name":"https://plugins.trac.wordpress.org/changeset/3080113/simple-lightbox-gallery/trunk/simple-lightbox-slider-shortcode.php","refsource":"security@wordfence.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2024-1858","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-1858","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"weblizar","product":"Lightbox slider – Responsive Lightbox Gallery","version":"affected 1.9.9 semver","platforms":[]}],"timeline":[{"source":"CNA","time":"2024-03-28T00:00:00.000Z","lang":"en","value":"Disclosed"}],"solutions":[],"workarounds":[],"exploits":[],"credits":[{"source":"CNA","value":"Francesco Carlucci","lang":"en"}],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2024-1858","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2024-07-16T19:52:51.448026Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2024-07-17T13:11:16.140Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"},{"providerMetadata":{"dateUpdated":"2024-08-01T18:56:22.307Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_transferred"],"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/540b2888-16fe-4791-8d08-f7772f71d511?source=cve"},{"tags":["x_transferred"],"url":"https://plugins.trac.wordpress.org/browser/simple-lightbox-gallery/trunk/simple-lightbox-slider-shortcode.php#L82"}],"title":"CVE Program Container"}],"cna":{"affected":[{"defaultStatus":"unaffected","product":"Lightbox slider – Responsive Lightbox Gallery","vendor":"weblizar","versions":[{"lessThanOrEqual":"1.9.9","status":"affected","version":"0","versionType":"semver"}]}],"credits":[{"lang":"en","type":"finder","value":"Francesco Carlucci"}],"descriptions":[{"lang":"en","value":"The Lightbox slider – Responsive Lightbox Gallery plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.9.9 via deserialization of untrusted input through post meta data. This makes it possible for authenticated attackers, with contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code."}],"metrics":[{"cvssV3_1":{"baseScore":5.4,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","version":"3.1"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-502","description":"CWE-502 Deserialization of Untrusted Data","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-04-08T16:53:14.108Z","orgId":"b15e7b5b-3da4-40ae-a43c-f7aa60e62599","shortName":"Wordfence"},"references":[{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/540b2888-16fe-4791-8d08-f7772f71d511?source=cve"},{"url":"https://plugins.trac.wordpress.org/changeset/3080113/simple-lightbox-gallery/trunk/simple-lightbox-slider-shortcode.php"}],"timeline":[{"lang":"en","time":"2024-03-28T00:00:00.000Z","value":"Disclosed"}],"title":"Lightbox slider – Responsive Lightbox Gallery <= 1.9.9 - Authenticated (Contributor+) PHP Object Injection"}},"cveMetadata":{"assignerOrgId":"b15e7b5b-3da4-40ae-a43c-f7aa60e62599","assignerShortName":"Wordfence","cveId":"CVE-2024-1858","datePublished":"2024-03-29T06:43:59.098Z","dateReserved":"2024-02-23T18:30:29.828Z","dateUpdated":"2026-04-08T16:53:14.108Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2024-03-29 07:15:42","lastModifiedDate":"2026-04-08 18:20:52","problem_types":["CWE-502","CWE-502 CWE-502 Deserialization of Untrusted Data"],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5}]},"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2024","CveId":"1858","Ordinal":"1","Title":"Lightbox slider – Responsive Lightbox Gallery <= 1.9.9 - Authent","CVE":"CVE-2024-1858","Year":"2024"},"notes":[{"CveYear":"2024","CveId":"1858","Ordinal":"1","NoteData":"The Lightbox slider – Responsive Lightbox Gallery plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.9.9 via deserialization of untrusted input through post meta data. This makes it possible for authenticated attackers, with contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.","Type":"Description","Title":"Lightbox slider – Responsive Lightbox Gallery <= 1.9.9 - Authent"}]}}}