The vulnerable code is located in /includes/classes/class.ad
The function sortableTableInit() passes $_COOKIE data to the unserialize() function without sanitizing it.
Code on line 711:
$sortdata = (isset( $_COOKIE["sortdata"] ) ? $_COOKIE["sortdata"] : "");
$sortdata = unserialize( base64_decode( $sortdata ) );
User input passed through cookies is not properly sanitized before being used in
an unserialize() call at line 711. This can be exploited to inject arbitrary PHP objects into the
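
One way to close the unserialize() path in the code above, as an added example (not code from the affected application or from this advisory): the sort state is stored as JSON with an HMAC, verified and allow-listed before use. The key constant, the cookie layout and the assumed shape of the sort data (table => [column, direction]) are assumptions.

```php
<?php
declare(strict_types=1);

// Added example. Key, cookie layout and field names are assumptions,
// not taken from the affected product.
const SORT_HMAC_KEY = 'load-a-random-secret-from-server-config'; // placeholder value

// Vulnerable pattern from the page, for comparison only:
//   $sortdata = unserialize(base64_decode($_COOKIE["sortdata"]));

// Store sort state as JSON plus an HMAC: the cookie can only ever decode to
// arrays and scalars, and tampering is detected before anything is parsed.
function encodeSortCookie(array $sort, string $key): string
{
    $json = json_encode($sort, JSON_THROW_ON_ERROR);
    return base64_encode($json) . '.' . hash_hmac('sha256', $json, $key);
}

// Returns the validated sort state, or [] for missing, malformed or forged input.
function decodeSortCookie(string $cookie, string $key): array
{
    $parts = explode('.', $cookie, 2);
    if (count($parts) !== 2) {
        return [];
    }
    $json = base64_decode($parts[0], true); // strict base64 alphabet
    if ($json === false || !hash_equals(hash_hmac('sha256', $json, $key), $parts[1])) {
        return [];
    }
    $data = json_decode($json, true);
    $clean = [];
    foreach (is_array($data) ? $data : [] as $table => $spec) {
        // Assumed shape: table name => [column name, 'ASC' | 'DESC'].
        if (is_string($table) && preg_match('/^[a-z_]{1,32}$/', $table)
            && is_array($spec) && isset($spec[0], $spec[1])
            && is_string($spec[0]) && preg_match('/^[a-z_]{1,32}$/', $spec[0])
            && in_array($spec[1], ['ASC', 'DESC'], true)) {
            $clean[$table] = [$spec[0], $spec[1]];
        }
    }
    return $clean;
}

// Constructed sample values.
$good   = encodeSortCookie(['clients' => ['lastname', 'ASC']], SORT_HMAC_KEY);
$legacy = base64_encode('O:8:"stdClass":0:{}'); // old-format cookie carrying an object

var_dump(decodeSortCookie($good, SORT_HMAC_KEY));   // the validated sort array
var_dump(decodeSortCookie($legacy, SORT_HMAC_KEY)); // empty array: rejected, never unserialized
```

Where the legacy serialized format still has to be read, unserialize() accepts a second argument `['allowed_classes' => false]` (PHP 7.0 and later), which stops it from instantiating objects from the cookie.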