"product_name":"JoomSport – for Sports: Team & League, Football, Hockey & more",
"version":{
"version_data":[
{
"version_affected":"<",
"version_name":"5.1.8",
"version_value":"5.1.8"
}
]
}
}
]
}
}
]
}
},
"description":{
"description_data":[
{
"lang":"eng",
"value":"The joomsport_md_load AJAX action of the JoomSport WordPress plugin before 5.1.8, registered for both unauthenticated and unauthenticated users, unserialised user input from the shattr POST parameter, leading to a PHP Object Injection issue. Even though the plugin does not have a suitable gadget chain to exploit this, other installed plugins could, which might lead to more severe issues such as RCE"
