Loading
Tiki before 24.2 allows lib/importer/tikiimporter_blog_wordpress.php PHP Object Injection by an admin because of an unserialize call.
Use CWE-434, Tiki vendor hub and Tiki product page to widen CVE-2023-22851 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2020-15906, CVE-2023-22850 and CVE-2023-22853 for nearby disclosures in the same product family.