CVE-2026-22480 WordPress Product Feed for WooCommerce plugin <= 2.3.3 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in WebToffee Product Feed for WooCommerce webtoffee-product-feed allows Object Injection.This issue affects Product Feed for WooCommerce: from n/a through = 2.3.3...

CVE-2026-22480

CVE-2026-22480 concerns WebToffee Product Feed for WooCommerce. The vulnerability is a Deserialization of Untrusted Data issue that enables PHP Object Injection in WebToffee WooCommerce Product Feeds (plugin) versions through 2.3.3. The CVE entry is supported by multiple connected sources (NVD/Re...

WordPress plugin Gracey 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress plugin Apicona 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

WordPress plugin Buisson 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

PT-2026-27831

Name of the Vulnerable Software and Affected Versions AncoraThemes Melody versions n/a through 1.6.3 Description A flaw exists in the deserialization of untrusted data within AncoraThemes Melody melodyschool, potentially allowing for object injection. This issue could allow an attacker to inject...

PT-2026-27890

Name of the Vulnerable Software and Affected Versions Tasty Daily versions prior to 1.27 Description An issue exists in Tasty Daily that allows for object injection due to deserialization of untrusted data. This could potentially allow an attacker to inject malicious objects. Recommendations Upda...

WordPress plugin CitiLights 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...

PT-2026-27919

Name of the Vulnerable Software and Affected Versions rascals Meloo versions prior to 2.8.2 Description An issue exists in rascals Meloo related to the deserialization of untrusted data, which allows for object injection. The deserialization process does not properly validate the incoming data,...

PT-2026-27938

Name of the Vulnerable Software and Affected Versions Apicona versions n/a through 24.1.0 Description A flaw exists in Apicona related to the deserialization of untrusted data, which allows for object injection. This issue could potentially impact systems utilizing the affected software...

PT-2026-28016

Name of the Vulnerable Software and Affected Versions Select-Themes Borgholm versions prior to 1.6 Description An issue exists in Select-Themes Borgholm borgholm-marketing-agency-theme related to the deserialization of untrusted data, which allows for object injection. This could potentially allo...

WordPress plugin weforms 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

WordPress plugin Archicon 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-27889

Name of the Vulnerable Software and Affected Versions Goldish versions prior to 3.47 Description An issue exists in Goldish that allows for object injection due to deserialization of untrusted data. Recommendations Update Goldish to version 3.47 or later...

PT-2026-27965

Name of the Vulnerable Software and Affected Versions WooCommerce Infinite Scroll versions through 1.6.2 Description The software contains a flaw related to the deserialization of untrusted data, which can lead to object injection. Recommendations Update WooCommerce Infinite Scroll to a version...

WordPress plugin Jobica Core 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

PT-2026-28027

Name of the Vulnerable Software and Affected Versions JS Archive List versions through 6.1.7 Description A flaw exists in the deserialization of untrusted data within the jquery-archive-list-widget component of JS Archive List, potentially allowing for object injection. Recommendations Update JS...

PT-2026-27944

Name of the Vulnerable Software and Affected Versions Nexa Blocks versions through 1.1.1 Description The software contains a flaw due to deserialization of untrusted data, which allows for object injection. This issue impacts Nexa Blocks. Recommendations Update Nexa Blocks to a version later than...

PT-2026-27874

Name of the Vulnerable Software and Affected Versions NooTheme Visionary Core versions n/a through 1.4.9 Description An issue exists in NooTheme Visionary Core that allows for object injection due to deserialization of untrusted data. This impacts the noo-visionary-core component. Recommendations...

WordPress plugin Organici Library 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There we...