## Vulnerability Key Information ### Vulnerability Name - **Insecure Deserialization of untrusted data** ### Severity - **Critical** - **CVSS v3 base metrics:** - Attack vector: Network - Attack complexity: Low - Privileges required: None - User interaction: None - Scope: Unchanged - Confidentiality: High - Integrity: High - Availability: High - **CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H** - **CVE ID:** CVE-2021-29476 ### Package Information - **Package:** rmcue/requests (Composer) - **Affected versions:** 1.6.0, 1.6.1, 1.7.0 - **Patched versions:** 1.8.0 ### Impact - **Unserialization of untrusted data** ### Patch - **Affected versions (1.6.0, 1.6.1, 1.7.0) should update to version 1.8.0** ### Weakness - **CWE-502** ### Reference Links - Specific reference links are available in the original document. ### Fix Information - Original fix was included in WordPress 5.5.2. ### Related Security Advisories - Specific reference links are available in the original document. ### Notifications and More Details - If you have any questions or comments regarding this advisory, please open an Issue.