80 matches found
CVE-2026-25446 WordPress WishList Member X plugin <= 3.29.0 - Arbitrary File Upload vulnerability
Subscriber Arbitrary File Upload in WishList Member X = 3.29.0 versions...
CVE-2026-25446
CVE-2026-25446 affects the WordPress plugin Wishlist Member X (WishList Member X) up to version 3.29.0. The vulnerability is an authenticated Arbitrary File Upload that could enable a subscriber to upload arbitrary files on affected sites. According to the provided sources, this CVE is currently ...
CVE-2026-24575 WordPress WishList Member X plugin <= 3.29.0 - Broken Access Control vulnerability
Subscriber Broken Access Control in WishList Member X = 3.29.0 versions...
CVE-2026-24575
CVE-2026-24575 affects WordPress WishList Member X plugin
PT-2026-31710
Name of the Vulnerable Software and Affected Versions WishList Member X versions prior to 3.29.1 Description A flaw allows users with subscriber privileges to perform arbitrary file uploads. This occurs when the application fails to properly validate files uploaded by users with low-level...
CVE-2026-25445
Deserialization of Untrusted Data vulnerability in Membership Software WishList Member X allows Object Injection.This issue affects WishList Member X: from n/a through 3.29.0...
EUVD-2026-13083
Deserialization of Untrusted Data vulnerability in Membership Software WishList Member X allows Object Injection.This issue affects WishList Member X: from n/a through 3.29.0...
CVE-2026-25445
Deserialization of Untrusted Data vulnerability in Membership Software WishList Member X allows Object Injection.This issue affects WishList Member X: from n/a through 3.29.0...
CVE-2026-25445 WordPress WishList Member X plugin <= 3.29.0 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Membership Software WishList Member X allows Object Injection.This issue affects WishList Member X: from n/a through 3.29.0...
CVE-2026-25445
The vulnerability is a PHP object injection in the WordPress plugin WishList Member X (affected versions: up to 3.29.0). It stems from a deserialization of untrusted data, enabling object injection that can impact confidentiality, integrity, and availability. The CVSS 3.1 base score is 8.8 (HIGH)...
CVE-2026-25445 WordPress WishList Member X plugin <= 3.29.0 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Membership Software WishList Member X allows Object Injection.This issue affects WishList Member X: from n/a through 3.29.0...
PT-2026-26276
Name of the Vulnerable Software and Affected Versions WishList Member X versions through 3.29.0 Description The software contains a flaw related to the deserialization of untrusted data, which allows for object injection. This issue impacts the application's ability to securely handle incoming...
WordPress plugin WishList Member X 代码问题漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...
WordPress WishList Member X plugin <= 3.29.0 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by 0xd4rk5id3 in WordPress Plugin WishList Member X versions = 3.29.0...
WordPress WishList Member X plugin <= 3.29.0 - Arbitrary File Upload vulnerability
Arbitrary File Upload vulnerability discovered by Jarno Vos jrn5151 in WordPress Plugin WishList Member X versions = 3.29.0...
WordPress WishList Member X plugin <= 3.29.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by 0xd4rk5id3 in WordPress Plugin WishList Member X versions = 3.29.0...
EUVD-2024-36431
Malicious code in bioql PyPI...
EUVD-2024-36433
Malicious code in bioql PyPI...
EUVD-2024-36434
Malicious code in bioql PyPI...
EUVD-2024-36436
Malicious code in bioql PyPI...