CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Affected software: WordPress WP Activity Log plugin (vulnerable <= 5.6.3.1). Issue: unauthenticated PHP Object Injection. Root cause and technical specifics are not detailed in the provided documents beyond the vulnerability type. Impact metrics indicate a high-severity CVSS v3.1 score of 9.8 ...

9.8CVSS5.3AI score0.00525EPSS

Exploits1References1

Cvelist•added 6 days ago•27 views

CVE-2026-52706 WordPress JetEngine plugin <= 3.8.10 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in JetEngine = 3.8.10 versions...

9.8CVSS0.00386EPSS

Exploits0References1

CVE•added 6 days ago•17 views

CVE-2026-52706

CVE-2026-52706 : Unauthenticated PHP Object Injection in WordPress JetEngine plugin (versions ≤ 3.8.10). Affected component: JetEngine; vulnerability type: PHP Object Injection. Impact: high confidentiality, integrity, and availability (CVSS 3.1 base score 9.8; network attack vector; no user inte...

9.8CVSS5.3AI score0.00386EPSS

Exploits0References1

Cvelist•added 6 days ago•26 views

CVE-2026-49107 WordPress Thrive Apprentice plugin < 10.8.10.2 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Thrive Apprentice 10.8.10.2 versions...

9.8CVSS0.00375EPSS

Exploits0References1

CVE•added 6 days ago•12 views

CVE-2026-49107

CVE-2026-49107 concerns unauthenticated PHP Object Injection in the WordPress Thrive Apprentice plugin for versions below 10.8.10.2. The vulnerability is described as an unauthenticated PHP Object Injection, affecting Thrive Apprentice, with a CVSS v3.1 base score of 9.8 (CRITICAL) and an attack ...

9.8CVSS5.3AI score0.00375EPSS

Exploits0References1

Cvelist•added 6 days ago•26 views

CVE-2026-49075 WordPress JetEngine plugin <= 3.8.9.1 - PHP Object Injection vulnerability

Contributor PHP Object Injection in JetEngine = 3.8.9.1 versions...

9.8CVSS0.00386EPSS

Exploits0References1

CVE•added 6 days ago•12 views

CVE-2026-49075

The CVE covers a PHP Object Injection flaw in the WordPress JetEngine plugin, affecting versions

9.8CVSS5.3AI score0.00386EPSS

Exploits0References1

CVE•added 6 days ago•10 views

CVE-2026-42380

CVE-2026-42380 covers the WordPress AI Lab theme prior to version 5.4.2, which is vulnerable to unauthenticated PHP Object Injection. The Patchstack entry and CVE records indicate the vulnerability is fixed in 5.4.2. Impact is high (remote, unauthenticated) per the CVSS vector: Network, None priv...

9.8CVSS5.3AI score0.0051EPSS

Exploits0References1

Cvelist•added 6 days ago•27 views

CVE-2026-42380 WordPress AI Lab theme < 5.4.2 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in AI Lab 5.4.2 versions...

9.8CVSS0.0051EPSS

Exploits0References1

Cvelist•added 6 days ago•24 views

CVE-2026-40753 WordPress EasyMeals theme <= 1.5.1 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in EasyMeals = 1.5.1 versions...

8.1CVSS0.00308EPSS

Exploits0References1

CVE•added 6 days ago•7 views

CVE-2026-40753

CVE-2026-40753 affects the WordPress EasyMeals theme (versions ≤ 1.5.1). The vulnerability is an unauthenticated PHP Object Injection in EasyMeals, caused by unsafe object handling in the affected component. The published metrics indicate a high impact (CVSS v3.1: 8.1, HIGH) with network attack v...

8.1CVSS5.3AI score0.00308EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by