CVE-2026-7647 Profile Builder Pro <= 3.14.5 - Unauthenticated PHP Object Injection

The Profile Builder Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to and including 3.14.5. This is due to the use of PHP's maybeunserialize function on the attacker-controlled 'args' POST parameter within the wppbrequestuserspinsactioncallback AJAX handler, whi...

CVE-2026-7647

Profile Builder Pro for WordPress (versions up to 3.14.5) is vulnerable to PHP Object Injection due to maybe_unserialize() on the attacker-controlled 'args' parameter in wppb_request_users_pins_action_callback(). The AJAX handler is registered for both authenticated and unauthenticated requests (...

PT-2026-36582

Name of the Vulnerable Software and Affected Versions Profile Builder Pro versions prior to 3.14.6 Description The Profile Builder Pro plugin for WordPress is susceptible to PHP Object Injection. This occurs because the wppb request users pins action callback AJAX handler uses the maybe unseriali...

WordPress plugin Profile Builder Pro 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

WordPress AI Lab theme < 5.4.2 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme AI Lab versions 5.4.2...

WordPress Alukas theme < 3.0.0 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Phat RiO in WordPress Theme Alukas versions 3.0.0...

WordPress Kapee theme < 1.7.0 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Phat RiO in WordPress Theme Kapee versions 1.7.0...

WordPress PressMart theme <= 1.2.26 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Phat RiO in WordPress Theme PressMart versions = 1.2.26...

WordPress EmallShop theme <= 2.4.21 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Phat RiO in WordPress Theme EmallShop versions = 2.4.21...

EUVD-2026-24075

Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider allows Object Injection.This issue affects Responsive Slider by MetaSlider: from n/a through 3.106.0...

CVE-2026-39467

Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider allows Object Injection.This issue affects Responsive Slider by MetaSlider: from n/a through 3.106.0...

CVE-2026-39467

CVE-2026-39467 affects the MetaSlider Responsive Slider plugin by MetaSlider (WordPress). It is a Deserialization of Untrusted Data vulnerability, allowing Object Injection in versions from n/a through 3.106.0. According to the CVSS 3.1 metrics, the exploit requires no user interaction and is exp...

CVE-2026-39467 WordPress Responsive Slider by MetaSlider plugin <= 3.106.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider allows Object Injection.This issue affects Responsive Slider by MetaSlider: from n/a through 3.106.0...

CVE-2026-39467 WordPress Responsive Slider by MetaSlider plugin <= 3.106.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider allows Object Injection.This issue affects Responsive Slider by MetaSlider: from n/a through 3.106.0...

CVE-2026-39467

Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider allows Object Injection.This issue affects Responsive Slider by MetaSlider: from n/a through 3.106.0...

PT-2026-33924

Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider allows Object Injection.This issue affects Responsive Slider by MetaSlider: from n/a through 3.106.0...

WordPress plugin Slider, Gallery, and Carousel by MetaSlider – Image Slider, Video Slider 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Issues...

WordPress Advanced Product Fields (Product Addons) for WooCommerce plugin <= 1.6.19 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by daroo in WordPress Plugin Advanced Product Fields Product Addons for WooCommerce versions = 1.6.19...

WordPress YayMail plugin <= 4.3.3 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by daroo in WordPress Plugin YayMail versions = 4.3.3...

WordPress Responsive Slider by MetaSlider plugin <= 3.106.0 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by daroo in WordPress Plugin Responsive Slider by MetaSlider versions = 3.106.0...