WordPress Reina theme <= 2.1 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Reina versions = 2.1...

WordPress ShiftUp theme <= 1.3 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme ShiftUp versions = 1.3...

WordPress Events Calendar for GeoDirectory plugin <= 2.3.25 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by daroo in WordPress Plugin Events Calendar for GeoDirectory versions = 2.3.25...

WordPress WooCommerce Product Filters plugin < 2.0.6 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Phat RiO in WordPress Plugin WooCommerce Product Filters versions 2.0.6...

EUVD-2025-209477

Deserialization of untrusted data vulnerability in OpenText, Inc RightFax on Windows, 64 bit, 32 bit allows Object Injection.This issue affects RightFax: through 25.4...

CVE-2025-15610

The .NET Remoting framework used by OpenText Fax RightFax includes known security vulnerabilities that could be exploited if the service is exposed in environments where the remoting ports are accessible...

CVE-2025-15610

The .NET Remoting framework used by OpenText Fax RightFax includes known security vulnerabilities that could be exploited if the service is exposed in environments where the remoting ports are accessible...

CVE-2025-15610

OpenText RightFax for Windows (64‑bit and 32‑bit) is affected by CVE-2025-15610 due to deserialization of untrusted data which can lead to object injection. The issue impacts RightFax up to version 25.4. The CVSSv4 base score is 9.3 (CRITICAL) with NETWORK attack vector and no user interaction re...

CVE-2025-15610

The .NET Remoting framework used by OpenText Fax RightFax includes known security vulnerabilities that could be exploited if the service is exposed in environments where the remoting ports are accessible...

CVE-2025-15610

The .NET Remoting framework used by OpenText Fax RightFax includes known security vulnerabilities that could be exploited if the service is exposed in environments where the remoting ports are accessible...

OpenText RightFax 安全漏洞

OpenText RightFax is an enterprise fax server software developed by OpenText Corporation in Canada. Versions of OpenText RightFax prior to 25.4 contained a security vulnerability that stemmed from deserializing untrusted data, which could lead to object injection attacks...

PT-2026-33096

Name of the Vulnerable Software and Affected Versions RightFax versions prior to 25.4 Description An issue involving the deserialization of untrusted data allows for Object Injection. This flaw can lead to remote code execution without requiring authentication. Recommendations Update to version...

CVE-2026-3017

The Smart Post Show – Post Grid, Post Carousel & Slider, and List Category Posts plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.0.12 via deserialization of untrusted input in the importshortcodes function. This makes it possible for authenticate...

CVE-2026-3017 Smart Post Show – Post Grid, Post Carousel & Slider, and List Category Posts <= 3.0.12 - Authenticated (Administrator+) PHP Object Injection

The Smart Post Show – Post Grid, Post Carousel & Slider, and List Category Posts plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.0.12 via deserialization of untrusted input in the importshortcodes function. This makes it possible for authenticate...

CVE-2026-3017 Smart Post Show – Post Grid, Post Carousel & Slider, and List Category Posts <= 3.0.12 - Authenticated (Administrator+) PHP Object Injection

The Smart Post Show – Post Grid, Post Carousel & Slider, and List Category Posts plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.0.12 via deserialization of untrusted input in the importshortcodes function. This makes it possible for authenticate...

CVE-2026-3017

The Smart Post Show – Post Grid, Post Carousel & Slider, and List Category Posts plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.0.12 via deserialization of untrusted input in the importshortcodes function. This makes it possible for authenticate...

CVE-2026-3017

The CVE-2026-3017 entry concerns the WordPress plugin Smart Post Show – Post Grid, Post Carousel & Slider, and List Category Posts, affected up to version 3.0.12. The vulnerability is a PHP Object Injection via deserialization of untrusted input in the import_shortcodes() function. With Administr...

WordPress Smart Post Show - Post Grid, Post Carousel & Slider, and List Category Posts plugin <= 3.0.12 - Authenticated (Administrator+) PHP Object Injection vulnerability

WordPress Smart Post Show - Post Grid, Post Carousel & Slider, and List Category Posts plugin = 3.0.12 - Authenticated Administrator+ PHP Object Injection vulnerability discovered by Vilaysone CHANTHAVONG 0xJ0cKkY - Cyberus Technologies in WordPress Plugin Post Grid, Post Carousel, & List Categor...

WordPress plugin Smart Post Show – Post Grid, Post Carousel & Slider, and List Category Posts 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-32599

The Smart Post Show – Post Grid, Post Carousel & Slider, and List Category Posts plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.0.12 via deserialization of untrusted input in the import shortcodes function. This makes it possible for authenticat...