8049 matches found
CVE-2026-27095
Deserialization of Untrusted Data vulnerability in magepeopleteam Bus Ticket Booking with Seat Reservation bus-ticket-booking-with-seat-reservation allows Object Injection.This issue affects Bus Ticket Booking with Seat Reservation: from n/a through = 5.6.0...
CVE-2026-27095
CVE-2026-27095 describes a PHP Object Injection vulnerability in the WordPress plugin Bus Ticket Booking with Seat Reservation (magepeopleteam bus-ticket-booking-with-seat-reservation). Affected versions are up to and including 5.6.0. Deserialization of untrusted data enables object injection, wi...
CVE-2026-27095 WordPress Bus Ticket Booking with Seat Reservation plugin <= 5.6.0 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in magepeopleteam Bus Ticket Booking with Seat Reservation bus-ticket-booking-with-seat-reservation allows Object Injection.This issue affects Bus Ticket Booking with Seat Reservation: from n/a through = 5.6.0...
CVE-2026-27084 WordPress Buisson theme <= 1.1.11 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in ThemeREX Buisson buisson allows Object Injection.This issue affects Buisson: from n/a through = 1.1.11...
CVE-2026-27084
CVE-2026-27084 affects the WordPress Buisson theme (versions through 1.1.11). The issue is untrusted data deserialization leading to PHP object injection, described as an unauthenticated PHP Object Injection vulnerability. Public sources (NVD/Red Hat/EUVD) assign a high impact, with CVSSv3.1 base...
CVE-2026-27084
Deserialization of Untrusted Data vulnerability in ThemeREX Buisson buisson allows Object Injection.This issue affects Buisson: from n/a through = 1.1.11...
CVE-2026-27082
Deserialization of Untrusted Data vulnerability in ThemeREX Love Story lovestory allows Object Injection.This issue affects Love Story: from n/a through = 1.3.12...
CVE-2026-27083 WordPress Work & Travel Company theme <= 1.2 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in ThemeREX Work & Travel Company work-travel-company allows Object Injection.This issue affects Work & Travel Company: from n/a through = 1.2...
CVE-2026-27082 WordPress Love Story theme <= 1.3.12 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in ThemeREX Love Story lovestory allows Object Injection.This issue affects Love Story: from n/a through = 1.3.12...
CVE-2026-27084 WordPress Buisson theme <= 1.1.11 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in ThemeREX Buisson buisson allows Object Injection.This issue affects Buisson: from n/a through = 1.1.11...
CVE-2026-27083
Deserialization of Untrusted Data vulnerability in ThemeREX Work & Travel Company work-travel-company allows Object Injection.This issue affects Work & Travel Company: from n/a through = 1.2...
CVE-2026-27082
CVE-2026-27082 describes a PHP object-injection/Deserialization of Untrusted Data vulnerability in WordPress Theme Love Story (ThemeREX Love Story) versions n/a through 1.3.12. The issue arises from deserializing untrusted data, enabling object injection. Reported impact includes high confidentia...
CVE-2026-27082 WordPress Love Story theme <= 1.3.12 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in ThemeREX Love Story lovestory allows Object Injection.This issue affects Love Story: from n/a through = 1.3.12...
CVE-2026-27083 WordPress Work & Travel Company theme <= 1.2 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in ThemeREX Work & Travel Company work-travel-company allows Object Injection.This issue affects Work & Travel Company: from n/a through = 1.2...
CVE-2026-27083
CVE-2026-27083 describes a Deserialization of Untrusted Data vulnerability in the WordPress theme “Work & Travel Company” (ThemeREX Work & Travel Company) affecting versions through 1.2. The root cause is PHP object injection via deserialization of untrusted data in the theme, enabling potential ...
CVE-2026-27045 WordPress WooCommerce Infinite Scroll plugin <= 1.6.2 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in sbthemes WooCommerce Infinite Scroll sb-woocommerce-infinite-scroll allows Object Injection.This issue affects WooCommerce Infinite Scroll: from n/a through = 1.6.2...
CVE-2026-27045 WordPress WooCommerce Infinite Scroll plugin <= 1.6.2 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in sbthemes WooCommerce Infinite Scroll sb-woocommerce-infinite-scroll allows Object Injection.This issue affects WooCommerce Infinite Scroll: from n/a through = 1.6.2...
CVE-2026-27045
CVE-2026-27045 is a Deserialization of Untrusted Data vulnerability in the WordPress plugin sb-woocommerce-infinite-scroll. It enables PHP Object Injection in WooCommerce Infinite Scroll for versions from n/a to 1.6.2. CVSS v3.1 base score 8.8 (NETWORK, PRIV: LOW, UI: NONE, C/H/I/A: HIGH). The co...
CVE-2026-25429 WordPress Nexa Blocks plugin <= 1.1.1 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in wpdive Nexa Blocks nexa-blocks allows Object Injection.This issue affects Nexa Blocks: from n/a through = 1.1.1...
CVE-2026-25429
CVE-2026-25429 describes a deserialization/Unauthenticated PHP Object Injection vulnerability in the Nexa Blocks plugin for WordPress (Nexa Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE) affecting versions up to and including 1.1.1. Public disclosures and third‑party referenc...