8067 matches found
jsPDF has a PDF Object Injection via FreeText color
Impact User control of arguments of the createAnnotation method allows users to inject arbitrary PDF objects, such as JavaScript actions. If given the possibility to pass unsanitized input to the following method, a user can inject arbitrary PDF objects, such as JavaScript actions, which might...
WordPress Traveler theme < 3.2.8.1 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Phat RiO in WordPress Theme Traveler versions 3.2.8.1...
WordPress EventPrime plugin <= 4.2.8.0 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Phat RiO in WordPress Plugin EventPrime versions = 4.2.8.0...
WordPress WooCommerce Infinite Scroll plugin <= 1.6.2 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin WooCommerce Infinite Scroll versions = 1.6.2...
WordPress Visionary Core plugin <= 1.4.9 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin Visionary Core versions = 1.4.9...
WordPress Jobica Core plugin <= 1.4.1 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin Jobica Core versions = 1.4.1...
WordPress Organici Library plugin <= 2.1.2 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin Organici Library versions = 2.1.2...
WordPress CitiLights theme <= 3.7.1 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme CitiLights versions = 3.7.1...
Exploit for Improper Input Validation in Typo3
TYPO3 CVE-2020-15099 — Unauthenticated RCE PHP Object Injecti...
EUVD-2026-11844
Deserialization of Untrusted Data vulnerability in Crocoblock JetEngine jet-engine allows Object Injection.This issue affects JetEngine: from n/a through 3.8.4.1...
CVE-2026-32355
Deserialization of Untrusted Data vulnerability in Crocoblock JetEngine jet-engine allows Object Injection.This issue affects JetEngine: from n/a through 3.8.4.1...
CVE-2026-32355
CVE-2026-32355 affects the WordPress JetEngine plugin (Crocoblock) for WordPress, with vulnerable versions listed as JetEngine
CVE-2026-32355 WordPress JetEngine plugin < 3.8.4.1 - Deserialization of untrusted data vulnerability
Deserialization of Untrusted Data vulnerability in Crocoblock JetEngine jet-engine allows Object Injection.This issue affects JetEngine: from n/a through 3.8.4.1...
CVE-2026-32355 WordPress JetEngine plugin < 3.8.4.1 - Deserialization of untrusted data vulnerability
Deserialization of Untrusted Data vulnerability in Crocoblock JetEngine jet-engine allows Object Injection.This issue affects JetEngine: from n/a through 3.8.4.1...
CVE-2026-32355
Deserialization of Untrusted Data vulnerability in Crocoblock JetEngine jet-engine allows Object Injection.This issue affects JetEngine: from n/a through 3.8.4.1...
WordPress plugin JetEngine 代码问题漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There wa...
PT-2026-25202
CVE-2026-32355 Deserialization of Untrusted Data vulnerability in Crocoblock JetEngine jet-engine allows Object Injection.This issue affects JetEngine: from n/a through 3.8.4.1. https://t.co/Cl9q0DhF07...
Linux Distros Unpatched Vulnerability : CVE-2026-21619
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hexcore hexapi modules, hexpm hex mixhexapi modules, erlang rebar3...
WordPress Divi Booster plugin < 5.0.2 - Unauthenticated PHP Object Injection vulnerability
Unauthenticated PHP Object Injection vulnerability discovered by Saif Team 51 in WordPress Plugin Divi Booster versions 5.0.2...
EUVD-2026-11095
The divi-booster WordPress plugin before 5.0.2 does not have authorization and CSRF checks in one of its fixing function, allowing unauthenticated users to modify stored divi-booster WordPress plugin before 5.0.2 options. Furthermore, due to the use of unserialize on the data, this could be furth...