CVE-2025-60084

Deserialization of Untrusted Data vulnerability in add-ons.org PDF for Elementor Forms + Drag And Drop Template Builder pdf-for-elementor-forms allows Object Injection.This issue affects PDF for Elementor Forms + Drag And Drop Template Builder: from n/a through = 6.5.0...

CVE-2025-60082

Deserialization of Untrusted Data vulnerability in add-ons.org PDF for WPForms pdf-for-wpforms allows Object Injection.This issue affects PDF for WPForms: from n/a through = 6.5.0...

CVE-2025-60083

Deserialization of Untrusted Data vulnerability in add-ons.org PDF Invoice Builder for WooCommerce pdf-for-woocommerce allows Object Injection.This issue affects PDF Invoice Builder for WooCommerce: from n/a through = 6.5.0...

CVE-2025-60081

Deserialization of Untrusted Data vulnerability in add-ons.org PDF for Contact Form 7 pdf-for-contact-form-7 allows Object Injection.This issue affects PDF for Contact Form 7: from n/a through = 6.5.0...

CVE-2025-54723

Deserialization of Untrusted Data vulnerability in BoldThemes DentiCare denticare allows Object Injection.This issue affects DentiCare: from n/a through 1.4.3...

CVE-2025-64266 WordPress Booking and Rental Manager plugin <= 2.5.4 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in magepeopleteam Booking and Rental Manager booking-and-rental-manager-for-woocommerce allows Object Injection.This issue affects Booking and Rental Manager: from n/a through = 2.5.4...

CVE-2025-64266 WordPress Booking and Rental Manager plugin <= 2.5.4 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in magepeopleteam Booking and Rental Manager booking-and-rental-manager-for-woocommerce allows Object Injection.This issue affects Booking and Rental Manager: from n/a through = 2.5.4...

CVE-2025-64266

The CVE pertains to WordPress Plugin Booking and Rental Manager for WooCommerce (versions up to 2.5.4). The issue is a Deserialization of Untrusted Data vulnerability that enables Object Injection via the plugin’s handling of data, as described across CVE records from NVD/Red Hat/ENISA and third-...

CVE-2025-64227 WordPress Client Invoicing by Sprout Invoices plugin <= 20.8.7 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Object Injection.This issue affects Client Invoicing by Sprout Invoices: from n/a through = 20.8.7...

EUVD-2025-204070

Deserialization of Untrusted Data vulnerability in BoldThemes Codiqa codiqa allows Object Injection.This issue affects Codiqa: from n/a through 1.2.8...

CVE-2025-64233 WordPress Codiqa theme < 1.2.8 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in BoldThemes Codiqa codiqa allows Object Injection.This issue affects Codiqa: from n/a through 1.2.8...

CVE-2025-64227 WordPress Client Invoicing by Sprout Invoices plugin <= 20.8.7 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Object Injection.This issue affects Client Invoicing by Sprout Invoices: from n/a through = 20.8.7...

CVE-2025-64233

CVE-2025-64233 describes a deserialization of untrusted data vulnerability in BoldThemes Codiqa (WordPress Codiqa theme) that allows PHP Object Injection . Affected: codiqa versions from n/a through

CVE-2025-64233 WordPress Codiqa theme < 1.2.8 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in BoldThemes Codiqa codiqa allows Object Injection.This issue affects Codiqa: from n/a through 1.2.8...

EUVD-2025-204073

Deserialization of Untrusted Data vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Object Injection.This issue affects Client Invoicing by Sprout Invoices: from n/a through = 20.8.7...

CVE-2025-64227

CVE-2025-64227 describes a PHP Object Injection vulnerability in the WordPress plugin “Client Invoicing by Sprout Invoices” (Sprout Invoices). The issue arises from deserializing untrusted data, enabling object injection. Affected versions are WordPress Client Invoicing by Sprout Invoices: up to ...

CVE-2025-64206

CVE-2025-64206 describes a deserialization of untrusted data vulnerability in the WordPress/Jannah theme, enabling PHP Object Injection in Jannah versions up to and including 7.6.0. The issue is triggered via deserialized data handling in Jannah and is rated with a CVSS v3.1 base score of 9.8 (CR...

CVE-2025-64206 WordPress Jannah theme <= 7.6.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in TieLabs Jannah jannah allows Object Injection.This issue affects Jannah: from n/a through = 7.6.0...

CVE-2025-64206 WordPress Jannah theme <= 7.6.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in TieLabs Jannah jannah allows Object Injection.This issue affects Jannah: from n/a through = 7.6.0...

CVE-2025-60178 WordPress WP Gravity Forms HubSpot plugin <= 1.2.6 - Deserialization of untrusted data vulnerability

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms HubSpot gf-hubspot allows Object Injection.This issue affects WP Gravity Forms HubSpot: from n/a through = 1.2.6...