Lucene search
K

3635 matches found

Nuclei
Nuclei
added yesterday25 views

My Geo Posts Free <= 1.2 - PHP Object Injection

The My Geo Posts Free plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.2 via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software. If ...

9.8CVSS7.3AI score0.0307EPSS
Exploits0References4
Nuclei
Nuclei
added yesterday27 views

GiveWP Donation Plugin <= 3.16.1 - Unauthenticated PHP Object Injection

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.16.1. This is due to insufficient input validation on user-supplied data. An unauthenticated attacker can inject a serialized PHP object, which...

10CVSS7.5AI score0.29101EPSS
Exploits3References4
Nuclei
Nuclei
added yesterday136 views

GiveWP - PHP Object Injection

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.14.1 via deserialization of untrusted input from the 'givetitle' parameter. id: CVE-2024-5932 info: name: GiveWP - PHP Object Injection author:...

10CVSS7.3AI score0.74283EPSS
Exploits11References7
CVE
CVE
added 2 days ago12 views

CVE-2026-57677

The CVE concerns the WordPress Novalnet Payment Gateway for WooCommerce plugin, affected versions

9.8CVSS5.8AI score0.00336EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago31 views

CVE-2026-57677 WordPress Novalnet Payment Gateway for WooCommerce plugin <= 12.10.3 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Novalnet Payment Gateway for WooCommerce = 12.10.3 versions...

9.8CVSS0.00336EPSS
Exploits0References1
CVE
CVE
added 2 days ago8 views

CVE-2026-57621

CVE-2026-57621 : Unauthenticated PHP Object Injection in the WordPress plugin Booktics (versions ≤ 1.0.21). Root cause as stated is PHP object injection in Booktics ≤ 1.0.21. CVSS 3.1 base score 9.8 (CRITICAL) with network attack vector, no user interaction, and impact to confidentiality, integri...

9.8CVSS5.8AI score0.00336EPSS
Exploits0References1
CVE
CVE
added 2 days ago9 views

CVE-2026-27414

CVE-2026-27414 details (provided): WordPress Werkstatt theme

8.8CVSS5.8AI score0.00288EPSS
Exploits0References1
CVE
CVE
added 2 days ago9 views

CVE-2026-27060

CVE-2026-27060 details (connected documents) : A PHP Object Injection vulnerability affects the WordPress ARMember Premium plugin (&lt;= 7.0). The root cause is PHP Object Injection in ARMember Premium

8.8CVSS5.8AI score0.00288EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago31 views

CVE-2026-27060 WordPress ARMember Premium plugin <= 7.0 - PHP Object Injection vulnerability

Contributor PHP Object Injection in ARMember Premium = 7.0 versions...

8.8CVSS0.00288EPSS
Exploits0References1
Nuclei
Nuclei
added 2 days ago18 views

Better Search Replace < 1.4.5 - PHP Object Injection

The Better Search Replace plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.4 via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP Object. No POP chain is present in the vulnerable plugin. I...

9.8CVSS7.5AI score0.68047EPSS
Exploits2References2
Patchstack
Patchstack
added 4 days ago5 views

WordPress Werkstatt theme <= 4.8.3 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Werkstatt versions = 4.8.3...

8.8CVSS5.8AI score0.00288EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 4 days ago9 views

WordPress Export User Data plugin <= 2.2.6 - Authenticated (Subscriber+) PHP Object Injection to Arbitrary File Deletion vulnerability

Authenticated Subscriber+ PHP Object Injection to Arbitrary File Deletion vulnerability discovered by Webbernaut in WordPress Plugin Export User Data versions = 2.2.6...

8CVSS5.8AI score0.00341EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress Novalnet Payment Gateway for WooCommerce plugin <= 12.10.3 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by qdtad in WordPress Plugin Novalnet Payment Gateway for WooCommerce versions = 12.10.3...

9.8CVSS5.8AI score0.00336EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/06/26 3:16 p.m.6 views

CVE-2026-56057

Subscriber PHP Object Injection in Uncanny Automator Pro = 7.3.0.6 versions...

9.8CVSS0.00426EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 3:16 p.m.7 views

CVE-2026-56031

Unauthenticated PHP Object Injection in Uncanny Automator = 7.3.1.2 versions...

8.1CVSS0.00317EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:52 p.m.32 views

CVE-2026-56057 WordPress Uncanny Automator Pro plugin <= 7.3.0.6 - PHP Object Injection vulnerability

Subscriber PHP Object Injection in Uncanny Automator Pro = 7.3.0.6 versions...

9.8CVSS0.00426EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:52 p.m.6 views

EUVD-2026-39711

Subscriber PHP Object Injection in Uncanny Automator Pro = 7.3.0.6 versions...

9.8CVSS5.8AI score0.00426EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:52 p.m.46 views

CVE-2026-56032 WordPress Buddyboss Platform plugin <= 3.0.4 - PHP Object Injection vulnerability

Subscriber PHP Object Injection in Buddyboss Platform = 3.0.4 versions...

9.8CVSS0.00525EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:52 p.m.31 views

CVE-2026-56031 WordPress Uncanny Automator plugin <= 7.3.1.2 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Uncanny Automator = 7.3.1.2 versions...

8.1CVSS0.00317EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 2:52 p.m.12 views

CVE-2026-56031

The CVE-2026-56031 entry covers an Unauthenticated PHP Object Injection in the WordPress plugin Uncanny Automator , affecting versions

8.1CVSS5.8AI score0.00317EPSS
Exploits0References1
Rows per page
Query Builder