CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

92951 matches found

CVE•added 2026/03/25 4:14 p.m.•4 views

CVE-2026-24989

CVE-2026-24989 describes a deserialization of untrusted data in the SUMO Affiliates Pro plugin for WordPress (affs), enabling PHP object injection. Affected: SUMO Affiliates Pro versions below 11.4.0. Root cause: deserialization of untrusted input leading to object injection. Impact: according to...

9.8CVSS5.8AI score0.00061EPSS

Exploits0References1

CVE•added 2026/03/25 4:14 p.m.•3 views

CVE-2026-24981

CVE-2026-24981 is a Deserialization of Untrusted Data vulnerability in Visionary Core (NooVisionary Core) affecting Visionary Core versions from a pre-release to and including 1.4.9. The issue allows PHP object injection due to deserialization of untrusted data. CVSS v3.1 vector: AV:N/AC:L/PR:L/U...

8.8CVSS5.8AI score0.00071EPSS

Exploits0References1

CVE•added 2026/03/25 4:14 p.m.•6 views

CVE-2026-24974

CVE-2026-24974 concerns the CitiLights WordPress Theme (noo-citilights) vulnerability: Deserialization of untrusted data enabling PHP object injection. Affected software: CitiLights Real Estate WordPress Theme (noo-citilights) versions up to and including 3.7.1. The issue is authenticated (Subscr...

8.8CVSS5.8AI score0.00071EPSS

Exploits0References1

Vulnrichment•added 2026/03/25 4:14 p.m.•0 views

CVE-2026-24976 WordPress Organici Library plugin <= 2.1.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in NooTheme Organici Library noo-organici-library allows Object Injection.This issue affects Organici Library: from n/a through = 2.1.2...

8.8CVSS5.8AI score0.00071EPSS

Exploits0References1

Vulnrichment•added 2026/03/25 4:14 p.m.•2 views

CVE-2026-24974 WordPress CitiLights theme <= 3.7.1 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in NooTheme CitiLights noo-citilights allows Object Injection.This issue affects CitiLights: from n/a through = 3.7.1...

8.8CVSS5.8AI score0.00071EPSS

Exploits0References1

Cvelist•added 2026/03/25 4:14 p.m.•21 views

CVE-2026-24378 WordPress EventPrime plugin <= 4.2.8.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Metagauss EventPrime eventprime-event-calendar-management allows Object Injection.This issue affects EventPrime: from n/a through = 4.2.8.0...

9.8CVSS0.00061EPSS

Exploits0References1

CVE•added 2026/03/25 4:14 p.m.•5 views

CVE-2026-24378

CVE-2026-24378 describes a Deserialization of Untrusted Data flaw in EventPrime (Events Calendar, Bookings and Tickets) that enables unauthenticated PHP object injection. Affected: EventPrime

9.8CVSS5.8AI score0.00061EPSS

Exploits0References1

CVE•added 2026/03/25 4:14 p.m.•4 views

CVE-2026-22516

CVE-2026-22516 is a Local File Inclusion vulnerability affecting WordPress plugin/theme Wizor's Wizor's Investments, specifically versions up to and including 2.12. The issue is described as an improper control of filename for Include/Require statements in PHP, enabling PHP Local File Inclusion (...

8.1CVSS5.8AI score0.00172EPSS

Exploits0References1

Cvelist•added 2026/03/25 4:14 p.m.•22 views

CVE-2026-22516 WordPress Wizor's theme <= 2.12 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Wizor's wizors-investments allows PHP Local File Inclusion.This issue affects Wizor's: from n/a through = 2.12...

8.1CVSS0.00172EPSS

Exploits0References1

Vulnrichment•added 2026/03/25 4:14 p.m.•2 views

CVE-2026-22509 WordPress Gioia theme <= 1.4 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Gioia gioia allows PHP Local File Inclusion.This issue affects Gioia: from n/a through = 1.4...

8.1CVSS5.8AI score0.00172EPSS

Exploits0References1

Cvelist•added 2026/03/25 4:14 p.m.•20 views

CVE-2026-22509 WordPress Gioia theme <= 1.4 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Gioia gioia allows PHP Local File Inclusion.This issue affects Gioia: from n/a through = 1.4...

8.1CVSS0.00172EPSS

Exploits0References1

Cvelist•added 2026/03/25 4:14 p.m.•22 views

CVE-2026-22511 WordPress NeoBeat theme <= 1.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes NeoBeat neobeat allows PHP Local File Inclusion.This issue affects NeoBeat: from n/a through = 1.2...

8.1CVSS0.00172EPSS

Exploits0References1

Cvelist•added 2026/03/25 4:14 p.m.•20 views

CVE-2026-22508 WordPress Dentalux theme <= 3.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Dentalux dentalux allows PHP Local File Inclusion.This issue affects Dentalux: from n/a through = 3.3...

8.1CVSS0.00172EPSS

Exploits0References1

CVE•added 2026/03/25 4:14 p.m.•6 views

CVE-2026-22511

CVE-2026-22511: WordPress NeoBeat theme (NeoBeat, <=1.2) is affected by Local File Inclusion due to Improper Control of Filename for Include/Require in PHP. The issue, described as PHP Remote File Inclusion in the entry, actually enables Local File Inclusion. Affected: NeoBeat WordPress Theme ...

8.1CVSS5.8AI score0.00172EPSS

Exploits0References1

CVE•added 2026/03/25 4:14 p.m.•5 views

CVE-2026-22505

CVE-2026-22505 describes a PHP object injection vulnerability due to deserialization of untrusted data in the WordPress theme Morning Records (Morning Records: Music Sound Studio WordPress Theme) up to version 1.2. Affected component is the Morning Records theme’s PHP deserialization path; exploi...

8.1CVSS5.8AI score0.00061EPSS

Exploits0References1

Vulnrichment•added 2026/03/25 4:14 p.m.•1 views

CVE-2026-22507 WordPress Beelove theme <= 1.2.6 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in AncoraThemes Beelove beelove allows Object Injection.This issue affects Beelove: from n/a through = 1.2.6...

9.8CVSS5.8AI score0.00061EPSS

Exploits0References1

Cvelist•added 2026/03/25 4:14 p.m.•20 views

CVE-2026-22504 WordPress ProLingua theme <= 1.1.12 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX ProLingua prolingua allows PHP Local File Inclusion.This issue affects ProLingua: from n/a through = 1.1.12...

8.1CVSS0.00172EPSS

Exploits0References1

Vulnrichment•added 2026/03/25 4:14 p.m.•0 views

CVE-2026-22504 WordPress ProLingua theme <= 1.1.12 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX ProLingua prolingua allows PHP Local File Inclusion.This issue affects ProLingua: from n/a through = 1.1.12...

8.1CVSS5.8AI score0.00172EPSS

Exploits0References1

CVE•added 2026/03/25 4:14 p.m.•7 views

CVE-2026-22507

CVE-2026-22507 describes a Deserialization of Untrusted Data vulnerability in the WordPress theme Beelove (AncoraThemes Beelove) up to version 1.2.6, allowing PHP object injection. Red Hat and ENISA ENISA-ENISA pages corroborate the same description. The issue affects Beelove: from n/a through

9.8CVSS5.8AI score0.00061EPSS

Exploits0References1

Cvelist•added 2026/03/25 4:14 p.m.•20 views

CVE-2026-22502 WordPress Mr. Cobbler theme <= 1.1.9 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Mr. Cobbler mr-cobbler allows PHP Local File Inclusion.This issue affects Mr. Cobbler: from n/a through = 1.1.9...

8.1CVSS0.00172EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by