Lucene search
K

8073 matches found

Positive Technologies
Positive Technologies
added 2025/11/06 12:0 a.m.5 views

PT-2025-45244

Deserialization of Untrusted Data vulnerability in sbouey Falang multilanguage falang allows Object Injection.This issue affects Falang multilanguage: from n/a through = 1.3.65...

8.8CVSS7AI score0.0032EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/06 12:0 a.m.4 views

WordPress plugin Preserve Code Formatting 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...

8.8CVSS7.1AI score0.00376EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/06 12:0 a.m.3 views

WordPress plugin TranslatePress 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...

8.1CVSS6.8AI score0.00326EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/06 12:0 a.m.4 views

PT-2025-45232

Deserialization of Untrusted Data vulnerability in NooTheme WeMusic noo-wemusic allows Object Injection.This issue affects WeMusic: from n/a through = 1.9.1...

7AI score0.00376EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/06 12:0 a.m.5 views

WordPress plugin Ajax Search Lite 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...

5.5CVSS6.9AI score0.00206EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/06 12:0 a.m.4 views

WordPress plugin Seil 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...

9.8CVSS6.9AI score0.00409EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/06 12:0 a.m.2 views

WordPress plugin WeMusic 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...

8.8CVSS6.9AI score0.00376EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/06 12:0 a.m.4 views

WordPress plugin s2Member 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...

9.8CVSS7AI score0.00409EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/06 12:0 a.m.4 views

WordPress plugin WP User Manager 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...

9.8CVSS7AI score0.00425EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/06 12:0 a.m.7 views

PT-2025-45286

Deserialization of Untrusted Data vulnerability in WP User Manager WP User Manager wp-user-manager allows Object Injection.This issue affects WP User Manager: from n/a through = 2.9.12...

7AI score0.00425EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/06 12:0 a.m.5 views

PT-2025-45209

Deserialization of Untrusted Data vulnerability in Fetch Designs Sign-up Sheets sign-up-sheets allows Object Injection.This issue affects Sign-up Sheets: from n/a through = 2.3.2...

7AI score0.00459EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/06 12:0 a.m.4 views

PT-2025-45235

Deserialization of Untrusted Data vulnerability in NooTheme Yogi - Health Beauty & Yoga noo-yogi allows Object Injection.This issue affects Yogi - Health Beauty & Yoga: from n/a through = 2.9.2...

8.8CVSS7AI score0.00305EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/06 12:0 a.m.4 views

PT-2025-45242

Deserialization of Untrusted Data vulnerability in Cozmoslabs TranslatePress translatepress-multilingual allows Object Injection.This issue affects TranslatePress: from n/a through = 2.10.2...

8.1CVSS7AI score0.00326EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/06 12:0 a.m.9 views

PT-2025-45201

Deserialization of Untrusted Data vulnerability in wpdreams Ajax Search Lite ajax-search-lite allows Object Injection.This issue affects Ajax Search Lite: from n/a through = 4.13.3...

7AI score0.00206EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/06 12:0 a.m.4 views

WordPress plugin WP Gravity Forms Keap/Infusionsoft 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...

9.8CVSS7AI score0.00409EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/06 12:0 a.m.7 views

PT-2025-45207

Deserialization of Untrusted Data vulnerability in Scott Reilly Preserve Code Formatting preserve-code-formatting allows Object Injection.This issue affects Preserve Code Formatting: from n/a through = 4.0.1...

7.1AI score0.00376EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/06 12:0 a.m.4 views

PT-2025-45247

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Keap/Infusionsoft gf-infusionsoft allows Object Injection.This issue affects WP Gravity Forms Keap/Infusionsoft: from n/a through = 1.2.3...

7AI score0.00409EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/05 2:25 a.m.10 views

CVE-2025-8871 Everest Forms (Pro) <= 1.9.7 - Unauthenticated PHP Object Injection via PHAR Deserialization in Form Signature

The Everest Forms Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.9.7 via deserialization of untrusted input in the mimecontenttype function. This makes it possible for unauthenticated attackers to inject a PHP Object. This vulnerability may ...

5.6CVSS0.00244EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/05 2:25 a.m.3 views

CVE-2025-8871 Everest Forms (Pro) <= 1.9.7 - Unauthenticated PHP Object Injection via PHAR Deserialization in Form Signature

The Everest Forms Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.9.7 via deserialization of untrusted input in the mimecontenttype function. This makes it possible for unauthenticated attackers to inject a PHP Object. This vulnerability may ...

5.6CVSS6.8AI score0.00244EPSS
Exploits0References2
CVE
CVE
added 2025/11/05 2:25 a.m.20 views

CVE-2025-8871

CVE-2025-8871: Everest Forms Pro for WordPress (≤1.9.7) is vulnerable to unauthenticated PHP Object Injection via PHAR deserialization in mime_content_type(). Attackers can inject a PHP object when a form with a non-required signature field and image upload is present. No POP chain is in the core...

5.6CVSS6.8AI score0.00244EPSS
Exploits0References2
Rows per page
Query Builder