CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8050 matches found

Vulnrichment•added 2026/03/25 4:14 p.m.•1 views

CVE-2026-25030 WordPress Goldish theme < 3.47 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in parkofideas Goldish goldish allows Object Injection.This issue affects Goldish: from n/a through 3.47...

9.8CVSS5.8AI score0.00375EPSS

Exploits0References1

Vulnrichment•added 2026/03/25 4:14 p.m.•2 views

CVE-2026-25032 WordPress Ricky theme < 2.31 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in parkofideas Ricky ricky allows Object Injection.This issue affects Ricky: from n/a through 2.31...

9.8CVSS5.8AI score0.00375EPSS

Exploits0References1

Cvelist•added 2026/03/25 4:14 p.m.•23 views

CVE-2026-25030 WordPress Goldish theme < 3.47 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in parkofideas Goldish goldish allows Object Injection.This issue affects Goldish: from n/a through 3.47...

9.8CVSS0.00375EPSS

Exploits0References1

CVE•added 2026/03/25 4:14 p.m.•30 views

CVE-2026-25029

CVE-2026-25029 concerns the WordPress KIDZ theme (KIDZ) with versions up to 5.24. The issue is a Deserialization of Untrusted Data vulnerability that enables PHP Object Injection in the KIDZ component. Root cause: untrusted data deserialization allowing object injection, potentially enabling mali...

9.8CVSS5.8AI score0.00375EPSS

Exploits0References1

Vulnrichment•added 2026/03/25 4:14 p.m.•0 views

CVE-2026-25029 WordPress KIDZ theme <= 5.24 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in parkofideas KIDZ kidz allows Object Injection.This issue affects KIDZ: from n/a through = 5.24...

9.8CVSS5.8AI score0.00375EPSS

Exploits0References1

Cvelist•added 2026/03/25 4:14 p.m.•29 views

CVE-2026-25029 WordPress KIDZ theme <= 5.24 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in parkofideas KIDZ kidz allows Object Injection.This issue affects KIDZ: from n/a through = 5.24...

9.8CVSS0.00375EPSS

Exploits0References1

Vulnrichment•added 2026/03/25 4:14 p.m.•3 views

CVE-2026-24989 WordPress SUMO Affiliates Pro plugin < 11.4.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in FantasticPlugins SUMO Affiliates Pro affs allows Object Injection.This issue affects SUMO Affiliates Pro: from n/a through 11.4.0...

9.8CVSS5.8AI score0.00375EPSS

Exploits0References1

Cvelist•added 2026/03/25 4:14 p.m.•23 views

CVE-2026-24989 WordPress SUMO Affiliates Pro plugin < 11.4.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in FantasticPlugins SUMO Affiliates Pro affs allows Object Injection.This issue affects SUMO Affiliates Pro: from n/a through 11.4.0...

9.8CVSS0.00375EPSS

Exploits0References1

CVE•added 2026/03/25 4:14 p.m.•5 views

CVE-2026-24989

CVE-2026-24989 describes a deserialization of untrusted data in the SUMO Affiliates Pro plugin for WordPress (affs), enabling PHP object injection. Affected: SUMO Affiliates Pro versions below 11.4.0. Root cause: deserialization of untrusted input leading to object injection. Impact: according to...

9.8CVSS5.8AI score0.00375EPSS

Exploits0References1

CVE•added 2026/03/25 4:14 p.m.•6 views

CVE-2026-24978

CVE-2026-24978 describes a Deserialization of Untrusted Data vulnerability in Jobica Core (NooTheme) that enables PHP Object Injection. Affected software: Jobica Core

8.8CVSS5.8AI score0.00344EPSS

Exploits0References1

Cvelist•added 2026/03/25 4:14 p.m.•22 views

CVE-2026-24978 WordPress Jobica Core plugin <= 1.4.1 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in NooTheme Jobica Core jobica-core allows Object Injection.This issue affects Jobica Core: from n/a through = 1.4.1...

8.8CVSS0.00344EPSS

Exploits0References1

Vulnrichment•added 2026/03/25 4:14 p.m.•2 views

CVE-2026-24981 WordPress Visionary Core plugin <= 1.4.9 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in NooTheme Visionary Core noo-visionary-core allows Object Injection.This issue affects Visionary Core: from n/a through = 1.4.9...

8.8CVSS5.8AI score0.00344EPSS

Exploits0References1

Vulnrichment•added 2026/03/25 4:14 p.m.•1 views

CVE-2026-24978 WordPress Jobica Core plugin <= 1.4.1 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in NooTheme Jobica Core jobica-core allows Object Injection.This issue affects Jobica Core: from n/a through = 1.4.1...

8.8CVSS5.8AI score0.00344EPSS

Exploits0References1

CVE•added 2026/03/25 4:14 p.m.•6 views

CVE-2026-24981

CVE-2026-24981 is a Deserialization of Untrusted Data vulnerability in Visionary Core (NooVisionary Core) affecting Visionary Core versions from a pre-release to and including 1.4.9. The issue allows PHP object injection due to deserialization of untrusted data. CVSS v3.1 vector: AV:N/AC:L/PR:L/U...

8.8CVSS5.8AI score0.00344EPSS

Exploits0References1

Cvelist•added 2026/03/25 4:14 p.m.•26 views

CVE-2026-24981 WordPress Visionary Core plugin <= 1.4.9 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in NooTheme Visionary Core noo-visionary-core allows Object Injection.This issue affects Visionary Core: from n/a through = 1.4.9...

8.8CVSS0.00344EPSS

Exploits0References1

Vulnrichment•added 2026/03/25 4:14 p.m.•2 views

CVE-2026-24974 WordPress CitiLights theme <= 3.7.1 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in NooTheme CitiLights noo-citilights allows Object Injection.This issue affects CitiLights: from n/a through = 3.7.1...

8.8CVSS5.8AI score0.00344EPSS

Exploits0References1

CVE•added 2026/03/25 4:14 p.m.•6 views

CVE-2026-24976

The CVE CVE-2026-24976 affects the Organici Library (noo-organici-library) in WordPress via an Authenticated (Subscriber+) PHP Object Injection vulnerability, with the vulnerability being disclosed by Wordfence and described as affecting Organici Library versions from - up to 2.1.2. The connected...

8.8CVSS5.8AI score0.00344EPSS

Exploits0References1

Cvelist•added 2026/03/25 4:14 p.m.•24 views

CVE-2026-24976 WordPress Organici Library plugin <= 2.1.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in NooTheme Organici Library noo-organici-library allows Object Injection.This issue affects Organici Library: from n/a through = 2.1.2...

8.8CVSS0.00344EPSS

Exploits0References1

Vulnrichment•added 2026/03/25 4:14 p.m.•0 views

CVE-2026-24976 WordPress Organici Library plugin <= 2.1.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in NooTheme Organici Library noo-organici-library allows Object Injection.This issue affects Organici Library: from n/a through = 2.1.2...

8.8CVSS5.8AI score0.00344EPSS

Exploits0References1

CVE•added 2026/03/25 4:14 p.m.•9 views

CVE-2026-24974

CVE-2026-24974 concerns the CitiLights WordPress Theme (noo-citilights) vulnerability: Deserialization of untrusted data enabling PHP object injection. Affected software: CitiLights Real Estate WordPress Theme (noo-citilights) versions up to and including 3.7.1. The issue is authenticated (Subscr...

8.8CVSS5.8AI score0.00344EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by