PT-2026-21112

Name of the Vulnerable Software and Affected Versions Kleor Contact Manager versions through 9.1.1 Description A flaw exists in Kleor Contact Manager that allows for object injection due to deserialization of untrusted data. This issue impacts the contact-manager component. Recommendations At the...

WordPress plugin Applay - Shortcodes 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

WordPress plugin Capella 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There we...

WordPress plugin Woocommerce Category Banner Management 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There we...

WordPress plugin PatioTime 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

PT-2026-21090

Name of the Vulnerable Software and Affected Versions ModelTheme Addons for WPBakery and Elementor versions prior to 1.5.6 Description A flaw exists in ModelTheme Addons for WPBakery and Elementor that allows for Object Injection due to deserialization of untrusted data. This issue impacts the...

WordPress plugin Travelicious 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

WordPress plugin Extreme Store 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

PT-2026-21094

Name of the Vulnerable Software and Affected Versions Ippsum versions through 1.2.0 Description A flaw exists in Ippsum that allows for object injection due to deserialization of untrusted data. This condition can be exploited by an attacker to potentially compromise the system. Recommendations...

PT-2026-21152

Name of the Vulnerable Software and Affected Versions AncoraThemes KindlyCare versions through 1.6.1 Description An issue exists in AncoraThemes KindlyCare that allows for Object Injection due to deserialization of untrusted data. Recommendations Update KindlyCare to a version later than 1.6.1...

WordPress plugin Nestin 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

PT-2026-21201

Name of the Vulnerable Software and Affected Versions Dotstore Woocommerce Category Banner Management versions through 2.5.1 Description The software contains a flaw due to deserialization of untrusted data, which allows for object injection. This issue is present in the Woocommerce Category Bann...

PT-2026-21065

Name of the Vulnerable Software and Affected Versions BoldThemes Travelicious versions prior to 1.6.7 Description The software contains a flaw due to deserialization of untrusted data, which allows for object injection. This could potentially allow an attacker to manipulate serialized data and...

WordPress plugin Themesflat Elementor 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. The themes...

PT-2026-21128

Name of the Vulnerable Software and Affected Versions PhotoMe versions n/a through 5.6.11 Description A flaw exists in PhotoMe that allows for object injection due to deserialization of untrusted data. This issue impacts the application's ability to securely handle incoming data, potentially...

openITCOCKPIT 代码问题漏洞

openITCOCKPIT is an open-source system monitoring software. Versions of openITCOCKPIT 5.3.1 and earlier have code vulnerabilities. These vulnerabilities stem from insecure deserialization points in the Gearman worker implementation, which may lead to PHP object injection attacks...

PT-2026-21122

Name of the Vulnerable Software and Affected Versions fuelthemes PeakShops versions through 1.5.9 Description A flaw exists in fuelthemes PeakShops that allows for object injection due to deserialization of untrusted data. This condition can be exploited by attackers. Recommendations Versions pri...

WordPress plugin ModelTheme Addons for WPBakery and Elementor 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...

PT-2026-21197

Name of the Vulnerable Software and Affected Versions A WP Life Slider Responsive Slideshow – Image slider, Gallery slideshow versions through 1.5.4 Description The software contains a flaw related to the deserialization of untrusted data, which allows for object injection. This issue impacts...

PT-2026-21196

Name of the Vulnerable Software and Affected Versions A WP Life Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery versions through 1.6.0 Description The software contains a flaw related to the deserialization of untrusted data, specifically allowing for object injection...