8050 matches found
CVE-2026-25429
CVE-2026-25429 describes a deserialization/Unauthenticated PHP Object Injection vulnerability in the Nexa Blocks plugin for WordPress (Nexa Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE) affecting versions up to and including 1.1.1. Public disclosures and third‑party referenc...
CVE-2026-25429 WordPress Nexa Blocks plugin <= 1.1.1 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in wpdive Nexa Blocks nexa-blocks allows Object Injection.This issue affects Nexa Blocks: from n/a through = 1.1.1...
CVE-2026-25400 WordPress Apicona theme <= 24.1.0 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in thememount Apicona apicona allows Object Injection.This issue affects Apicona: from n/a through = 24.1.0...
CVE-2026-25400 WordPress Apicona theme <= 24.1.0 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in thememount Apicona apicona allows Object Injection.This issue affects Apicona: from n/a through = 24.1.0...
CVE-2026-25400
CVE-2026-25400 affects WordPress Theme Apicona (versions up to 24.1.0). The issue is a deserialization of untrusted data that enables object injection. CVSS v3.1: 8.8 (HIGH); vector CVSS:AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. Impact spans confidentiality, integrity, and availability. Root cause des...
CVE-2026-25360 WordPress Vex theme < 1.2.9 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in rascals Vex vex allows Object Injection.This issue affects Vex: from n/a through 1.2.9...
CVE-2026-25360 WordPress Vex theme < 1.2.9 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in rascals Vex vex allows Object Injection.This issue affects Vex: from n/a through 1.2.9...
CVE-2026-25359 WordPress Pendulum theme < 3.1.5 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in rascals Pendulum pendulum allows Object Injection.This issue affects Pendulum: from n/a through 3.1.5...
CVE-2026-25359
CVE-2026-25359 describes a Deserialization of Untrusted Data vulnerability in the Pendulum theme for WordPress, allowing PHP Object Injection. Affected software: Pendulum from no public earliest version up to
CVE-2026-25359 WordPress Pendulum theme < 3.1.5 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in rascals Pendulum pendulum allows Object Injection.This issue affects Pendulum: from n/a through 3.1.5...
CVE-2026-25360
CVE-2026-25360 corresponds to a Deserialization of Untrusted Data vulnerability in the Vex plugin by Vex (Vex) for WordPress. Affected product: Vex = 1.2.9). Connected Wordfence details also list the CVE-2026-25360 under the Wordfence vulnerability repository with the same patched status and attr...
CVE-2026-25358
The CVE-2026-25358 entry covers a PHP object-injection vulnerability in the WordPress Meloo theme, affecting Meloo versions prior to 2.8.2. Root cause: deserialization of untrusted data could lead to object injection. Impact as stated includes high confidentiality, integrity, and availability con...
CVE-2026-25358 WordPress Meloo theme < 2.8.2 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in rascals Meloo meloo allows Object Injection.This issue affects Meloo: from n/a through 2.8.2...
CVE-2026-25358 WordPress Meloo theme < 2.8.2 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in rascals Meloo meloo allows Object Injection.This issue affects Meloo: from n/a through 2.8.2...
CVE-2026-25032
CVE-2026-25032 affects WordPress Ricky theme versions prior to 2.31. The issue is a Deserialization of Untrusted Data vulnerability that allows PHP Object Injection via the Ricky theme’s deserialization path. Current sources describe the affected component as the Ricky WordPress theme and indicat...
CVE-2026-25030
CVE-2026-25030 affects WordPress Goldish theme versions prior to 3.47. The vulnerability is due to deserialization of untrusted data, enabling PHP object injection in Goldish. Impact is described as high for confidentiality, integrity, and availability with network access and no user interaction ...
CVE-2026-25031 WordPress Tasty Daily theme < 1.27 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in parkofideas Tasty Daily tastydaily allows Object Injection.This issue affects Tasty Daily: from n/a through 1.27...
CVE-2026-25031 WordPress Tasty Daily theme < 1.27 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in parkofideas Tasty Daily tastydaily allows Object Injection.This issue affects Tasty Daily: from n/a through 1.27...
CVE-2026-25031
The CVE-2026-25031 advisory describes a Deserialization of Untrusted Data vulnerability in the WordPress theme Tasty Daily by park_of_ideas. Concrete details across connected sources show that the issue is an Object Injection vulnerability in Tasty Daily tastydaily prior to version 1.27, caused b...
CVE-2026-25032 WordPress Ricky theme < 2.31 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in parkofideas Ricky ricky allows Object Injection.This issue affects Ricky: from n/a through 2.31...