8070 matches found
WordPress plugin Sound | Musical Instruments Online Store code issues and vulnerabilities
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
PT-2026-4105
Name of the Vulnerable Software and Affected Versions AivahThemes Anona versions through 8.0 Description A flaw exists in AivahThemes Anona that allows for Object Injection due to deserialization of untrusted data. This issue impacts the Anona software. The vulnerability involves the...
WordPress plugin JupiterX Core code vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...
PT-2026-3980
Name of the Vulnerable Software and Affected Versions artbees JupiterX Core versions through 4.10.1 Description The software contains a flaw related to the deserialization of untrusted data, which allows for object injection. This issue impacts the JupiterX Core component. Recommendations Update ...
WordPress plugin OneLife has code-related vulnerabilities
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There we...
PT-2026-4101
Name of the Vulnerable Software and Affected Versions designthemes Vivagh versions through 2.4 Description The software contains a flaw due to deserialization of untrusted data, which allows for object injection. This could potentially allow an attacker to compromise the system. Recommendations A...
WordPress plugin Vivagh: code-related vulnerabilities
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
PT-2026-4169
Deserialization of Untrusted Data vulnerability in fuelthemes North north-wp allows Object Injection.This issue affects North: from n/a through = 5.7.5...
PT-2026-4119
Name of the Vulnerable Software and Affected Versions designthemes OneLife versions n/a through 3.9 Description A flaw exists in designthemes OneLife that allows for Object Injection due to deserialization of untrusted data. This issue impacts the application’s ability to securely handle incoming...
PT-2026-4071
Name of the Vulnerable Software and Affected Versions Arraytics Eventin versions through 4.1.1 Description The software contains a flaw due to deserialization of untrusted data, which allows for object injection. This could potentially allow an attacker to compromise the system. Recommendations...
WordPress plugin North: code-related vulnerabilities
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There we...
WordPress plugin Eventin: Code-related vulnerabilities
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There we...
PT-2026-4124
Name of the Vulnerable Software and Affected Versions strongholdthemes Tech Life CPT versions n/a through 16.4 Description An issue exists in strongholdthemes Tech Life CPT that allows for Object Injection due to deserialization of untrusted data. This impacts the techlife-cpt component...
PT-2026-4123
Name of the Vulnerable Software and Affected Versions strongholdthemes Dental Care CPT versions through 20.2 Description A flaw exists in strongholdthemes Dental Care CPT that allows for Object Injection due to deserialization of untrusted data. This issue impacts the dentalcare-cpt component...
CVE-2026-0726
The Nexter Extension – Site Enhancements Toolkit plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.4.6 via deserialization of untrusted input in the 'nxtunserializereplace' function. This makes it possible for unauthenticated attackers to inject a...
WordPress Nexter Extension - Site Enhancements Toolkit plugin <= 4.4.6 - Unauthenticated PHP Object Injection via 'nxt_unserialize_replace' vulnerability
WordPress Nexter Extension - Site Enhancements Toolkit plugin = 4.4.6 - Unauthenticated PHP Object Injection via 'nxtunserializereplace' vulnerability discovered by Webbernaut in WordPress Plugin Nexter Extension versions = 4.4.6...
CVE-2026-0726
The Nexter Extension – Site Enhancements Toolkit plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.4.6 via deserialization of untrusted input in the 'nxtunserializereplace' function. This makes it possible for unauthenticated attackers to inject a...
CVE-2026-0726 Nexter Extension – Site Enhancements Toolkit <= 4.4.6 - Unauthenticated PHP Object Injection via 'nxt_unserialize_replace'
The Nexter Extension – Site Enhancements Toolkit plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.4.6 via deserialization of untrusted input in the 'nxtunserializereplace' function. This makes it possible for unauthenticated attackers to inject a...
CVE-2026-0726 Nexter Extension – Site Enhancements Toolkit <= 4.4.6 - Unauthenticated PHP Object Injection via 'nxt_unserialize_replace'
The Nexter Extension – Site Enhancements Toolkit plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.4.6 via deserialization of untrusted input in the 'nxtunserializereplace' function. This makes it possible for unauthenticated attackers to inject a...
CVE-2026-0726
CVE-2026-0726 (Nexter Extension – Site Enhancements Toolkit, WordPress) is a PHP Object Injection vulnerability in the Nexter Extension plugin, affecting all versions up to and including 4.4.6, via deserialization in nxt_unserialize_replace. An unauthenticated attacker can inject a PHP Object if ...