CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8050 matches found

NVD•added 2026/03/19 9:16 a.m.•4 views

CVE-2025-60233

Deserialization of Untrusted Data vulnerability in Themeton Zuut allows Object Injection.This issue affects Zuut: from n/a through 1.4.2...

9.8CVSS0.00386EPSS

Exploits0References1

Vulnrichment•added 2026/03/19 8:37 a.m.•1 views

CVE-2026-25445 WordPress WishList Member X plugin <= 3.29.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Membership Software WishList Member X allows Object Injection.This issue affects WishList Member X: from n/a through 3.29.0...

8.8CVSS5.8AI score0.00301EPSS

Exploits0References1

CVE•added 2026/03/19 8:37 a.m.•18 views

CVE-2026-25445

The vulnerability is a PHP object injection in the WordPress plugin WishList Member X (affected versions: up to 3.29.0). It stems from a deserialization of untrusted data, enabling object injection that can impact confidentiality, integrity, and availability. The CVSS 3.1 base score is 8.8 (HIGH)...

8.8CVSS5.2AI score0.00301EPSS

Exploits0References1

ATTACKERKB•added 2026/03/19 8:37 a.m.•5 views

CVE-2026-25445

Deserialization of Untrusted Data vulnerability in Membership Software WishList Member X allows Object Injection.This issue affects WishList Member X: from n/a through 3.29.0...

8.8CVSS5.8AI score0.00301EPSS

Exploits0References2

Cvelist•added 2026/03/19 8:37 a.m.•23 views

CVE-2026-25445 WordPress WishList Member X plugin <= 3.29.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Membership Software WishList Member X allows Object Injection.This issue affects WishList Member X: from n/a through 3.29.0...

8.8CVSS0.00301EPSS

Exploits0References1

ATTACKERKB•added 2026/03/19 8:14 a.m.•2 views

CVE-2025-60237

Deserialization of Untrusted Data vulnerability in Themeton Finag allows Object Injection.This issue affects Finag: from n/a through 1.5.0...

9.8CVSS5.8AI score0.00511EPSS

Exploits0References2

Vulnrichment•added 2026/03/19 8:14 a.m.•2 views

CVE-2025-60237 WordPress Finag theme <= 1.5.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Themeton Finag allows Object Injection.This issue affects Finag: from n/a through 1.5.0...

9.8CVSS5.8AI score0.00511EPSS

Exploits0References1

Cvelist•added 2026/03/19 8:14 a.m.•24 views

CVE-2025-60237 WordPress Finag theme <= 1.5.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Themeton Finag allows Object Injection.This issue affects Finag: from n/a through 1.5.0...

9.8CVSS0.00511EPSS

Exploits0References1

CVE•added 2026/03/19 8:14 a.m.•8 views

CVE-2025-60237

CVE-2025-60237 affects the WordPress Finag theme up to version 1.5.0, describing a PHP Object Injection via deserialization of untrusted data. Reported across multiple sources (NVD, Red Hat, EUVD, CVE records, CVE List) with a CVSS v3.1 base score of 9.8 (CRITICAL), network attack vector, low att...

9.8CVSS5.2AI score0.00511EPSS

Exploits0References1

Cvelist•added 2026/03/19 8:13 a.m.•23 views

CVE-2025-60233 WordPress Zuut theme <= 1.4.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Themeton Zuut allows Object Injection.This issue affects Zuut: from n/a through 1.4.2...

9.8CVSS0.00386EPSS

Exploits0References1

Vulnrichment•added 2026/03/19 8:13 a.m.•2 views

CVE-2025-60233 WordPress Zuut theme <= 1.4.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Themeton Zuut allows Object Injection.This issue affects Zuut: from n/a through 1.4.2...

9.8CVSS5.8AI score0.00386EPSS

Exploits0References1

ATTACKERKB•added 2026/03/19 8:13 a.m.•3 views

CVE-2025-60233

Deserialization of Untrusted Data vulnerability in Themeton Zuut allows Object Injection.This issue affects Zuut: from n/a through 1.4.2...

9.8CVSS5.8AI score0.00386EPSS

Exploits0References2

CVE•added 2026/03/19 8:13 a.m.•9 views

CVE-2025-60233

CVE-2025-60233 affects WordPress Zuut theme

9.8CVSS5.2AI score0.00386EPSS

Exploits0References1

EUVD•added 2026/03/19 6:30 a.m.•7 views

EUVD-2026-13053

Deserialization of Untrusted Data vulnerability in BuddhaThemes ColorFolio - Freelance Designer WordPress Theme allows Object Injection.This issue affects ColorFolio - Freelance Designer WordPress Theme: from n/a through 1.3...

8.1CVSS5.8AI score0.00324EPSS

Exploits0References2

NVD•added 2026/03/19 6:16 a.m.•4 views

CVE-2026-27096

8.1CVSS0.00324EPSS

Exploits0References1

Cvelist•added 2026/03/19 5:31 a.m.•22 views

CVE-2026-27096 WordPress ColorFolio - Freelance Designer WordPress Theme theme <= 1.3 - Deserialization of untrusted data vulnerability

8.1CVSS0.00324EPSS

Exploits0References1

Vulnrichment•added 2026/03/19 5:31 a.m.•1 views

CVE-2026-27096 WordPress ColorFolio - Freelance Designer WordPress Theme theme <= 1.3 - Deserialization of untrusted data vulnerability

8.1CVSS5.8AI score0.00324EPSS

Exploits0References1

ATTACKERKB•added 2026/03/19 5:31 a.m.•1 views

CVE-2026-27096

8.1CVSS5.8AI score0.00324EPSS

Exploits0References2

CVE•added 2026/03/19 5:31 a.m.•12 views

CVE-2026-27096

CVE-2026-27096 : Deserialization of Untrusted Data vulnerability in the BuddhaThemes ColorFolio - Freelance Designer WordPress Theme (ColorFolio) up to version 1.3, enabling Object Injection. The issue is described across multiple sources (NVD/Red Hat ENISA/CIRCL, CVE list, PatchStack) with a CVS...

8.1CVSS5.2AI score0.00324EPSS

Exploits0References1

CNNVD•added 2026/03/19 12:0 a.m.•4 views

WordPress plugin WishList Member X 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...

8.8CVSS5.9AI score0.00301EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by