Lucene search
K

120 matches found

RedhatCVE
RedhatCVE
added 2025/05/21 6:17 p.m.11 views

CVE-2025-47581

Deserialization of Untrusted Data vulnerability in elbisnero WordPress Events Calendar Registration & Tickets wpeventplus allows Object Injection.This issue affects WordPress Events Calendar Registration & Tickets: from n/a through = 2.6.0...

9.8CVSS7.2AI score0.00396EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/05/20 1:11 p.m.4 views

WordPress Crafts & Arts theme <= 2.5 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Crafts & Arts versions = 2.5...

8.8CVSS7.2AI score0.00473EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/05/20 11:48 a.m.4 views

WordPress GrandTour theme <= 5.6 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Bonds in WordPress Theme Grand Tour versions = 5.6...

9.8CVSS7.3AI score0.00503EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/05/19 8:15 p.m.8 views

CVE-2025-32928

Deserialization of Untrusted Data vulnerability in ThemeGoods Altair altair allows Object Injection.This issue affects Altair: from n/a through = 5.2.2...

9.8CVSS0.00396EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/19 7:53 p.m.17 views

CVE-2025-32928 WordPress Altair theme <= 5.2.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in ThemeGoods Altair allows Object Injection.This issue affects Altair: from n/a through 5.2.2...

9.8CVSS6.9AI score0.00396EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/19 7:52 p.m.10 views

CVE-2025-39348 WordPress Grand Restaurant WordPress theme <= 7.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Restaurant grandrestaurant allows Object Injection.This issue affects Grand Restaurant: from n/a through = 7.0...

9.8CVSS7.2AI score0.00396EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/19 7:51 p.m.10 views

CVE-2025-39349 WordPress CiyaShop theme <= 4.18.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Potenzaglobalsolutions CiyaShop allows Object Injection.This issue affects CiyaShop: from n/a through 4.18.0...

9.8CVSS6.9AI score0.00396EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/19 6:58 p.m.34 views

CVE-2025-39410 WordPress Smart Sections Theme Builder - WPBakery Page Builder Addon plugin <= 1.7.8 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in themegusta Smart Sections Theme Builder - WPBakery Page Builder Addon.This issue affects Smart Sections Theme Builder - WPBakery Page Builder Addon: from n/a through 1.7.8...

9.8CVSS0.00408EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/19 6:13 p.m.72 views

CVE-2025-47581 WordPress WordPress Events Calendar Registration & Tickets plugin <= 2.6.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in elbisnero WordPress Events Calendar Registration & Tickets wpeventplus allows Object Injection.This issue affects WordPress Events Calendar Registration & Tickets: from n/a through = 2.6.0...

9.8CVSS0.00396EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/05/19 1:46 p.m.5 views

WordPress Jarvis – Night Club, Concert, Festival WordPress theme <= 1.8.11 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Jarvis – Night Club, Concert, Festival WordPress versions = 1.8.11...

9.8CVSS7.2AI score0.00503EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/05/07 3:6 p.m.13 views

WordPress WP-CRM System plugin <= 3.4.5 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Ngo Bui Truong Vu in WordPress Plugin WP-CRM System versions = 3.4.5...

7.2CVSS8.4AI score0.00467EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2025/04/24 4:9 p.m.10 views

CVE-2025-46481 WordPress Flickr Shortcode Importer <= 2.2.3 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in Michael Cannon Flickr Shortcode Importer allows Object Injection. This issue affects Flickr Shortcode Importer: from n/a through 2.2.3...

7.2CVSS6.9AI score0.00467EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/04/21 11:16 a.m.7 views

WordPress Altair theme <= 5.2.2 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Bonds Patchstack Alliance in WordPress Theme Altair versions = 5.2.2...

9.8CVSS7.3AI score0.00396EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2025/04/17 3:48 p.m.14 views

CVE-2025-27287 WordPress SS Quiz Plugin <= 2.0.5 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in ssvadim SS Quiz ssquiz allows Object Injection.This issue affects SS Quiz: from n/a through = 2.0.5...

9.8CVSS0.00549EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/17 3:47 p.m.5 views

CVE-2025-32658 WordPress HelpGent plugin <= 2.2.4 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in wpWax HelpGent allows Object Injection. This issue affects HelpGent: from n/a through 2.2.4...

9.8CVSS6.9AI score0.00463EPSS
Exploits0References1
CVE
CVE
added 2025/04/16 12:44 p.m.57 views

CVE-2025-39565

CVE-2025-39565 describes a PHP Object Injection via deserialization of untrusted data in the WordPress plugin MelaPress Login Security . Affected versions are from n/a through 2.1.0. Root cause: deserializing untrusted data that can lead to object injection. Impact per sources is high (confidenti...

7.2CVSS7.2AI score0.00799EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/04/14 1:31 p.m.6 views

WordPress Question Answer plugin <= 1.2.73 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by LVT-tholv2k in WordPress Plugin Question Answer versions = 1.2.73...

8.8CVSS8.5AI score0.00419EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2025/04/11 8:42 a.m.22 views

CVE-2025-32607 WordPress WpBookingly plugin <= 1.3.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in magepeopleteam WpBookingly service-booking-manager allows Object Injection.This issue affects WpBookingly: from n/a through = 1.3.0...

9.8CVSS0.00784EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/10 8:9 a.m.11 views

CVE-2025-32145 WordPress WpEvently plugin <= 4.3.5 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in magepeopleteam WpEvently allows Object Injection. This issue affects WpEvently: from n/a through 4.3.5...

8.8CVSS6.9AI score0.00419EPSS
Exploits0References1
Veracode
Veracode
added 2025/04/10 7:26 a.m.15 views

Object Injection

drupal/core is vulnerable to Object Injection. The vulnerability is due to improperly controlled modification of dynamically-determined object attributes, which allows attackers to inject and manipulate objects within the application...

7.5CVSS7.1AI score0.00537EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder