Lucene search
K

26874 matches found

NVD
NVD
added 2 hours ago4 views

CVE-2026-57433

Storable versions before 3.41 for Perl have a signed integer overflow when deserializing a crafted SXHOOK record. retrievehookcommon reads a signed 32-bit item count from an SXHOOK record and calls avextend with that count plus one. A count of I32MAX wraps the addition to a negative value. A...

Exploits0References1
NVD
NVD
added 9 hours ago5 views

CVE-2026-59521

Deserialization of Untrusted Data vulnerability in ShapedPlugin LLC Real Testimonials testimonial-free allows Object Injection.This issue affects Real Testimonials: from n/a through = 3.1.15...

7.2CVSS
Exploits0References1
NVD
NVD
added 9 hours ago6 views

CVE-2026-59518

Deserialization of Untrusted Data vulnerability in wpWax Directorist directorist allows Object Injection.This issue affects Directorist: from n/a through = 8.8.2...

9.8CVSS
Exploits0References1
NVD
NVD
added 9 hours ago3 views

CVE-2026-57770

Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Photography grandphotography allows Object Injection.This issue affects Grand Photography: from n/a through = 5.7.8...

9.8CVSS
Exploits0References1
NVD
NVD
added 9 hours ago2 views

CVE-2026-57744

Deserialization of Untrusted Data vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Object Injection.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...

9.8CVSS
Exploits0References1
NVD
NVD
added 9 hours ago3 views

CVE-2026-57738

Deserialization of Untrusted Data vulnerability in axiomthemes 777 triple-seven allows Object Injection.This issue affects 777: from n/a through = 1.13.0...

9.8CVSS
Exploits0References1
NVD
NVD
added 9 hours ago2 views

CVE-2026-57724

Deserialization of Untrusted Data vulnerability in Themeum Kirki kirki allows Object Injection.This issue affects Kirki: from n/a through = 6.0.12...

9.8CVSS
Exploits0References1
NVD
NVD
added 9 hours ago3 views

CVE-2026-57713

Deserialization of Untrusted Data vulnerability in Marcus aka @msykes Events Manager events-manager allows Object Injection.This issue affects Events Manager: from n/a through = 7.3.6...

8.8CVSS
Exploits0References1
NVD
NVD
added 9 hours ago2 views

CVE-2026-57371

Deserialization of Untrusted Data vulnerability in denishua WPJAM Basic wpjam-basic allows Object Injection.This issue affects WPJAM Basic: from n/a through = 7.0...

8.8CVSS
Exploits0References1
CVE
CVE
added 11 hours ago9 views

CVE-2026-57770

The CVE-2026-57770 entry concerns Deserialization of Untrusted Data in the WordPress Theme Grand Photography plugin/theme. Affected: Grand Photography versions up to 5.7.8. Root cause: PHP object injection arising from untrusted data deserialization. Impact: high confidentiality, integrity, and a...

9.8CVSS6.1AI score
Exploits0References1
CVE
CVE
added 11 hours ago12 views

CVE-2026-59518

CVE-2026-59518 affects the WordPress Directorist plugin (Directorist) versions up to 8.8.2. It is a PHP object-injection vulnerability caused by deserialization of untrusted data, with CVSS v3.1 base score 9.8 (Network, Low attack complexity, No privileges, No user interaction; Confidentiality/In...

9.8CVSS6.1AI score
Exploits0References1
CVE
CVE
added 11 hours ago5 views

CVE-2026-59521

The CVE-2026-59521 issue affects the WordPress Real Testimonials plugin (testimonial-free) by Deserialization of Untrusted Data, enabling PHP object injection in versions

7.2CVSS6.1AI score
Exploits0References1
CVE
CVE
added 11 hours ago10 views

CVE-2026-57744

The CVE-2026-57744 entry describes a PHP Object Injection vulnerability in the WordPress plugin RT-Theme 18 Extensions, affected versions up to and including 2.5. The root cause is Deserialization of Untrusted Data, enabling object injection. Impact is rated high (CVSS 3.1: 9.8, Confidentiality/I...

9.8CVSS6.1AI score
Exploits0References1
Cvelist
Cvelist
added 11 hours ago3 views

CVE-2026-57770 WordPress Grand Photography theme <= 5.7.8 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Photography grandphotography allows Object Injection.This issue affects Grand Photography: from n/a through = 5.7.8...

9.8CVSS
Exploits0References1
Cvelist
Cvelist
added 11 hours ago5 views

CVE-2026-59521 WordPress Real Testimonials plugin <= 3.1.15 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in ShapedPlugin LLC Real Testimonials testimonial-free allows Object Injection.This issue affects Real Testimonials: from n/a through = 3.1.15...

7.2CVSS
Exploits0References1
Cvelist
Cvelist
added 11 hours ago6 views

CVE-2026-57744 WordPress RT-Theme 18 | Extensions plugin <= 2.5 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Object Injection.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...

9.8CVSS
Exploits0References1
Cvelist
Cvelist
added 11 hours ago4 views

CVE-2026-59518 WordPress Directorist plugin <= 8.8.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in wpWax Directorist directorist allows Object Injection.This issue affects Directorist: from n/a through = 8.8.2...

9.8CVSS
Exploits0References1
CVE
CVE
added 11 hours ago10 views

CVE-2026-57713

CVE-2026-57713 : The WordPress Plugins Events Manager (events-manager ) is affected up to version 7.3.6. The issue is a PHP Object Injection caused by deserialization of untrusted data, enabling object injection. The affected component is the Events Manager plugin for WordPress; root cause is des...

8.8CVSS6.1AI score
Exploits0References1
CVE
CVE
added 11 hours ago11 views

CVE-2026-57724

CVE-2026-57724 affects the WordPress Kirki plugin (Kirki &lt;= 6.0.12). The root cause is a deserialization of untrusted data leading to PHP Object Injection . According to the sources, this vulnerability can be exploited remotely (network attack vector) with no user interaction and can impact co...

9.8CVSS6.1AI score
Exploits0References1
CVE
CVE
added 11 hours ago9 views

CVE-2026-57738

CVE-2026-57738 affects WordPress Theme 777 (axiomthemes) up to version 1.13.0. The issue is a PHP object‑injection via deserialization of untrusted data in the 777 plugin/theme, enabling arbitrary object injection with high impact (CVSS 3.1: 9.8, Network attack, no user interaction). Connected so...

9.8CVSS6.1AI score
Exploits0References1
Rows per page
Query Builder