Lucene search
K

8074 matches found

Vulnrichment
Vulnrichment
added 2025/10/22 2:32 p.m.6 views

CVE-2025-60213 WordPress Scape theme <= 1.5.13 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Whitebox-Studio Scape scape allows Object Injection.This issue affects Scape: from n/a through = 1.5.13...

9.8CVSS6.6AI score0.00529EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/22 2:32 p.m.3 views

CVE-2025-60210 WordPress Everest Forms - Frontend Listing plugin <= 1.0.5 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in wpeverest Everest Forms - Frontend Listing everest-forms-frontend-listing allows Object Injection.This issue affects Everest Forms - Frontend Listing: from n/a through = 1.0.5...

9.8CVSS6.6AI score0.00459EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/22 2:32 p.m.8 views

CVE-2025-60212 WordPress VEDA Theme <= 4.2 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in designthemes VEDA veda allows Object Injection.This issue affects VEDA: from n/a through = 4.2...

8.8CVSS0.00486EPSS
Exploits0References1
CVE
CVE
added 2025/10/22 2:32 p.m.11 views

CVE-2025-60210

CVE-2025-60210 affects WordPress plugin Everest Forms - Frontend Listing (versions up to and including 1.0.5). The issue is a Deserialization of Untrusted Data leading to PHP Object Injection in everest-forms-frontend-listing. Descriptions across NVD/Red Hat/EUVD/CVE List indicate high-severity i...

9.8CVSS6.6AI score0.00459EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/10/22 2:32 p.m.3 views

CVE-2025-60212 WordPress VEDA Theme <= 4.2 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in designthemes VEDA veda allows Object Injection.This issue affects VEDA: from n/a through = 4.2...

8.8CVSS6.6AI score0.00486EPSS
Exploits0References1
CVE
CVE
added 2025/10/22 2:32 p.m.12 views

CVE-2025-60213

The vulnerability CVE-2025-60213 concerns a Deserialization of Untrusted Data issue in the WordPress Scape theme (versions up to and including 1.5.13). The root cause is PHP object injection via deserializing untrusted data, affecting the Scape component. The issue is rated CRITICAL (CVSS 3.1: 9....

9.8CVSS6.6AI score0.00529EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/22 2:32 p.m.4 views

CVE-2025-60208 WordPress Advanced Custom Fields : CPT Options Pages plugin <= 2.0.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Tusko Trush Advanced Custom Fields : CPT Options Pages acf-cpt-options-pages allows Object Injection.This issue affects Advanced Custom Fields : CPT Options Pages: from n/a through = 2.0.9...

8.8CVSS6.6AI score0.00186EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/22 2:32 p.m.4 views

CVE-2025-60209 WordPress Connector for Gravity Forms and Google Sheets plugin <= 1.2.6 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in CRM Perks Connector for Gravity Forms and Google Sheets wp-gravity-forms-spreadsheets allows Object Injection.This issue affects Connector for Gravity Forms and Google Sheets: from n/a through = 1.2.6...

9.8CVSS6.6AI score0.00529EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/22 2:32 p.m.10 views

CVE-2025-60209 WordPress Connector for Gravity Forms and Google Sheets plugin <= 1.2.6 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in CRM Perks Connector for Gravity Forms and Google Sheets wp-gravity-forms-spreadsheets allows Object Injection.This issue affects Connector for Gravity Forms and Google Sheets: from n/a through = 1.2.6...

9.8CVSS0.00529EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/22 2:32 p.m.10 views

CVE-2025-60208 WordPress Advanced Custom Fields : CPT Options Pages plugin <= 2.0.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Tusko Trush Advanced Custom Fields : CPT Options Pages acf-cpt-options-pages allows Object Injection.This issue affects Advanced Custom Fields : CPT Options Pages: from n/a through = 2.0.9...

8.8CVSS0.00186EPSS
Exploits0References1
CVE
CVE
added 2025/10/22 2:32 p.m.19 views

CVE-2025-60208

CVE-2025-60208 concerns the WordPress plugin Advanced Custom Fields: CPT Options Pages (acp-cpt-options-pages) up to version 2.0.9. Multiple connected sources confirm a Cross-Site Request Forgery (CSRF) vulnerability that enables Object Injection. The issue affects versions listed as n/a through

8.8CVSS6.6AI score0.00186EPSS
Exploits0References1
CVE
CVE
added 2025/10/22 2:32 p.m.13 views

CVE-2025-60209

The CVE-2025-60209 issue is a Deserialization of Untrusted Data vulnerability in the WordPress plugin “Connector for Gravity Forms and Google Sheets” (wp-gravity-forms-spreadsheets), affecting versions up to 1.2.6. All connected sources describe it as PHP Object Injection resulting from untrusted...

9.8CVSS6.6AI score0.00529EPSS
Exploits0References1
CVE
CVE
added 2025/10/22 2:32 p.m.8 views

CVE-2025-60039

CVE-2025-60039 affects the WordPress theme Noisa (

9.8CVSS6.6AI score0.00514EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/22 2:32 p.m.3 views

CVE-2025-60039 WordPress Noisa theme <= 2.6.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in rascals Noisa noisa allows Object Injection.This issue affects Noisa: from n/a through = 2.6.0...

9.8CVSS6.6AI score0.00514EPSS
Exploits0References1
CVE
CVE
added 2025/10/22 2:32 p.m.9 views

CVE-2025-59007

CVE-2025-59007 describes a Deserialization of Untrusted Data vulnerability in the WordPress plugin TF Woo Product Grid Addon For Elementor (tf-woo-product-grid) up to version 1.0.1. The issue enables Object Injection due to unsafe deserialization of data, with the public records indicating a high...

9.8CVSS6.6AI score0.00449EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/22 2:32 p.m.13 views

CVE-2025-59007 WordPress TF Woo Product Grid Addon For Elementor Plugin <= 1.0.1 - Deserialization of untrusted data Vulnerability

Deserialization of Untrusted Data vulnerability in themesflat TF Woo Product Grid Addon For Elementor tf-woo-product-grid allows Object Injection.This issue affects TF Woo Product Grid Addon For Elementor: from n/a through = 1.0.1...

9.8CVSS0.00449EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/22 2:32 p.m.4 views

CVE-2025-59007 WordPress TF Woo Product Grid Addon For Elementor Plugin <= 1.0.1 - Deserialization of untrusted data Vulnerability

Deserialization of Untrusted Data vulnerability in themesflat TF Woo Product Grid Addon For Elementor tf-woo-product-grid allows Object Injection.This issue affects TF Woo Product Grid Addon For Elementor: from n/a through = 1.0.1...

9.8CVSS6.6AI score0.00449EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/22 2:32 p.m.7 views

CVE-2025-52740 WordPress Boldermail Plugin <= 2.4.0 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in Hernan Villanueva Boldermail boldermail allows Object Injection.This issue affects Boldermail: from n/a through = 2.4.0...

8.8CVSS0.00486EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/22 2:32 p.m.3 views

CVE-2025-52740 WordPress Boldermail Plugin <= 2.4.0 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in Hernan Villanueva Boldermail boldermail allows Object Injection.This issue affects Boldermail: from n/a through = 2.4.0...

8.8CVSS6.6AI score0.00486EPSS
Exploits0References1
CVE
CVE
added 2025/10/22 2:32 p.m.9 views

CVE-2025-52740

The CVE-2025-52740 entry concerns WordPress Boldermail Plugin (2.4.0). Public references from Patchstack and PT-Security corroborate the object-injection vector and version range. Other sources summarize the same issue and describe the plugin’s function as an email marketing/automation tool, unde...

8.8CVSS6.6AI score0.00486EPSS
Exploits0References1
Rows per page
Query Builder