Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/02/12 7:33 a.m.6 views

CVE-2026-1235

The WP eCommerce WordPress plugin through 3.15.1 unserializes user input via ajax actions, which could allow unauthenticated users to perform PHP Object Injection when a suitable gadget is present on the blog...

6.5CVSS5.7AI score0.00269EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:59 a.m.4 views

CVE-2023-1347

The Customizer Export/Import WordPress plugin before 0.9.6 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...

7.2CVSS8.8AI score0.16046EPSS
Exploits1References1
OSV
OSV
added 2023/05/08 2:15 p.m.4 views

CVE-2023-1650

The AI ChatBot WordPress plugin before 4.4.7 unserializes user input from cookies via an AJAX action available to unauthenticated users, which could allow them to perform PHP Object Injection when a suitable gadget is present on the blog...

9.8CVSS7.3AI score0.34351EPSS
Exploits2References1
OSV
OSV
added 2023/02/06 8:15 p.m.7 views

CVE-2022-4489

The HUSKY WordPress plugin before 1.3.2 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...

7.2CVSS5.8AI score0.01313EPSS
Exploits2References1
OSV
OSV
added 2023/01/23 3:15 p.m.5 views

CVE-2022-4323

The Analyticator WordPress plugin before 6.5.6 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...

7.2CVSS5.8AI score0.01046EPSS
Exploits2References1
Rows per page
Query Builder