Lucene search
K

8075 matches found

RedhatCVE
RedhatCVE
added 2025/10/19 3:44 a.m.8 views

CVE-2017-20208

The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to PHP Object Injection in all versions up to 3.7.9.3 exclusive via deserialization of untrusted input from the isexpiredbydate function. This makes it possible for...

9.8CVSS6.5AI score0.00644EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/18 6:30 a.m.5 views

EUVD-2017-18924

The Appointments plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.2.1 via deserialization of untrusted input from the wpmudevappointments cookie. This allows unauthenticated attackers to inject a PHP Object. Attackers were actively exploiting this...

9.8CVSS6.4AI score0.0067EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/18 6:30 a.m.6 views

EUVD-2017-18923

The Flickr Gallery plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.5.2 via deserialization of untrusted input from the pager parameter. This allows unauthenticated attackers to inject a PHP Object. Attackers were actively exploiting this vulnerabilit...

9.8CVSS6.4AI score0.0067EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/18 6:30 a.m.9 views

EUVD-2017-18922

The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to PHP Object Injection in all versions up to 3.7.9.3 exclusive via deserialization of untrusted input from the isexpiredbydate function. This makes it possible for...

9.8CVSS6AI score0.00644EPSS
Exploits0References4
OSV
OSV
added 2025/10/18 4:15 a.m.5 views

CVE-2017-20208

The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to PHP Object Injection in all versions up to 3.7.9.3 exclusive via deserialization of untrusted input from the isexpiredbydate function. This makes it possible for...

9.8CVSS5.8AI score0.00644EPSS
Exploits0References3
NVD
NVD
added 2025/10/18 4:15 a.m.8 views

CVE-2017-20208

The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to PHP Object Injection in all versions up to 3.7.9.3 exclusive via deserialization of untrusted input from the isexpiredbydate function. This makes it possible for...

9.8CVSS0.00644EPSS
Exploits0References3
NVD
NVD
added 2025/10/18 4:15 a.m.6 views

CVE-2017-20207

The Flickr Gallery plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.5.2 via deserialization of untrusted input from the pager parameter. This allows unauthenticated attackers to inject a PHP Object. Attackers were actively exploiting this vulnerabilit...

9.8CVSS0.0067EPSS
Exploits0References3
OSV
OSV
added 2025/10/18 4:15 a.m.5 views

CVE-2017-20206

The Appointments plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.2.1 via deserialization of untrusted input from the wpmudevappointments cookie. This allows unauthenticated attackers to inject a PHP Object. Attackers were actively exploiting this...

9.8CVSS5.8AI score0.0067EPSS
Exploits0References3
NVD
NVD
added 2025/10/18 4:15 a.m.6 views

CVE-2017-20206

The Appointments plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.2.1 via deserialization of untrusted input from the wpmudevappointments cookie. This allows unauthenticated attackers to inject a PHP Object. Attackers were actively exploiting this...

9.8CVSS0.0067EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/18 3:33 a.m.5 views

CVE-2017-20208 RegistrationMagic - Custom Registration Forms <= 3.7.9.2 - PHP Object Injection

The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to PHP Object Injection in all versions up to 3.7.9.3 exclusive via deserialization of untrusted input from the isexpiredbydate function. This makes it possible for...

9.8CVSS6.1AI score0.00644EPSS
Exploits0References3
CVE
CVE
added 2025/10/18 3:33 a.m.14 views

CVE-2017-20208

CVE-2017-20208 affects the WordPress plugin RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login. All versions up to 3.7.9.3 are vulnerable to PHP Object Injection via deserialization of untrusted input from the is_expired_by_date() function. This allows unaut...

9.8CVSS6.1AI score0.00644EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/10/18 3:33 a.m.32 views

CVE-2017-20208 RegistrationMagic - Custom Registration Forms <= 3.7.9.2 - PHP Object Injection

The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to PHP Object Injection in all versions up to 3.7.9.3 exclusive via deserialization of untrusted input from the isexpiredbydate function. This makes it possible for...

9.8CVSS0.00644EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/18 3:33 a.m.3 views

CVE-2017-20206 Appointments <= 2.2.1 - Unauthenticated PHP Object Injection

The Appointments plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.2.1 via deserialization of untrusted input from the wpmudevappointments cookie. This allows unauthenticated attackers to inject a PHP Object. Attackers were actively exploiting this...

9.8CVSS6.5AI score0.0067EPSS
Exploits0References3
CVE
CVE
added 2025/10/18 3:33 a.m.14 views

CVE-2017-20206

The CVE-2017-20206 entry concerns the WordPress Appointments plugin (versions up to 2.2.1). The vulnerability is a PHP Object Injection via deserialization of untrusted input from the wpmudev_appointments cookie, allowing unauthenticated attackers to inject a PHP object. The documented impact ind...

9.8CVSS6.5AI score0.0067EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/10/18 3:33 a.m.5 views

CVE-2017-20207 Flickr Gallery <= 1.5.2 - Unauthenticated PHP Object Injection

The Flickr Gallery plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.5.2 via deserialization of untrusted input from the pager parameter. This allows unauthenticated attackers to inject a PHP Object. Attackers were actively exploiting this vulnerabilit...

9.8CVSS6.5AI score0.0067EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/18 3:33 a.m.17 views

CVE-2017-20207 Flickr Gallery <= 1.5.2 - Unauthenticated PHP Object Injection

The Flickr Gallery plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.5.2 via deserialization of untrusted input from the pager parameter. This allows unauthenticated attackers to inject a PHP Object. Attackers were actively exploiting this vulnerabilit...

9.8CVSS0.0067EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/10/18 12:0 a.m.5 views

PT-2025-42675

Name of the Vulnerable Software and Affected Versions Flickr Gallery plugin for WordPress versions up to and including 1.5.2 Description The software is susceptible to PHP Object Injection due to deserialization of untrusted input from the pager parameter. This allows unauthenticated attackers to...

9.8CVSS6.8AI score0.0067EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/10/18 12:0 a.m.2 views

WordPress plugin Appointments 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...

9.8CVSS7.3AI score0.0067EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/10/18 12:0 a.m.8 views

PT-2025-42676

Name of the Vulnerable Software and Affected Versions RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress versions prior to 3.7.9.3 Description The RegistrationMagic plugin for WordPress is susceptible to PHP Object Injection due to...

9.8CVSS6.9AI score0.00644EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/10/18 12:0 a.m.5 views

WordPress plugin RegistrationMagic 代码问题漏洞

WordPress, etc. are products of the WordPress Foundation.WordPress is a suite of blogging platforms developed using the PHP language.PHP, etc. are products of PHP.PHP is a scripting language that executes on the server side.WebSockets ws, etc. are products of the WebSockets open source.ws is a...

9.8CVSS7.1AI score0.00644EPSS
Exploits0References4
Rows per page
Query Builder