CVE-2025-60180

CVE-2025-60180 concerns a deserialization of untrusted data vulnerability in the WordPress plugin WP Gravity Forms Salesforce gf-salesforce-crmperks . The issue affects WP Gravity Forms Salesforce versions up to 1.5.1 and is described as PHP Object Injection caused by deserializing untrusted inpu...

CVE-2025-60180 WordPress WP Gravity Forms Salesforce plugin <= 1.5.1 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Salesforce gf-salesforce-crmperks allows Object Injection.This issue affects WP Gravity Forms Salesforce: from n/a through = 1.5.1...

CVE-2025-60180 WordPress WP Gravity Forms Salesforce plugin <= 1.5.1 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Salesforce gf-salesforce-crmperks allows Object Injection.This issue affects WP Gravity Forms Salesforce: from n/a through = 1.5.1...

CVE-2025-60178 WordPress WP Gravity Forms HubSpot plugin <= 1.2.6 - Deserialization of untrusted data vulnerability

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms HubSpot gf-hubspot allows Object Injection.This issue affects WP Gravity Forms HubSpot: from n/a through = 1.2.6...

CVE-2025-60178

CVE-2025-60178 affects the WordPress plugin WP Gravity Forms HubSpot gf-hubspot

CVE-2025-60178 WordPress WP Gravity Forms HubSpot plugin <= 1.2.6 - Deserialization of untrusted data vulnerability

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms HubSpot gf-hubspot allows Object Injection.This issue affects WP Gravity Forms HubSpot: from n/a through = 1.2.6...

CVE-2025-60091 WordPress WP Gravity Forms Zoho CRM and Bigin plugin <= 1.2.9 - Deserialization of untrusted data vulnerability

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Zoho CRM and Bigin gf-zoho allows Object Injection.This issue affects WP Gravity Forms Zoho CRM and Bigin: from n/a through = 1.2.9...

CVE-2025-60089 WordPress WP Gravity Forms FreshDesk plugin plugin <= 1.3.5 - Deserialization of untrusted data vulnerability

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms FreshDesk Plugin gf-freshdesk allows Object Injection.This issue affects WP Gravity Forms FreshDesk Plugin: from n/a through = 1.3.5...

CVE-2025-60090 WordPress WP Gravity Forms Insightly plugin <= 1.1.6 - Deserialization of untrusted data vulnerability

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Insightly gf-insightly allows Object Injection.This issue affects WP Gravity Forms Insightly: from n/a through = 1.1.6...

CVE-2025-60174

CVE-2025-60174 affects the WordPress plugin WP Gravity Forms Constant Contact Plugin gf-constant-contact (versions from unspecified n/a up to and including 1.1.2). The vulnerability is described as a Deserialization of Untrusted Data issue that allows Object Injection. Core details provided acros...

CVE-2025-60090 WordPress WP Gravity Forms Insightly plugin <= 1.1.6 - Deserialization of untrusted data vulnerability

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Insightly gf-insightly allows Object Injection.This issue affects WP Gravity Forms Insightly: from n/a through = 1.1.6...

CVE-2025-60091 WordPress WP Gravity Forms Zoho CRM and Bigin plugin <= 1.2.9 - Deserialization of untrusted data vulnerability

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Zoho CRM and Bigin gf-zoho allows Object Injection.This issue affects WP Gravity Forms Zoho CRM and Bigin: from n/a through = 1.2.9...

CVE-2025-60091

CVE-2025-60091 describes a deserialization of untrusted data vulnerability in the WordPress plugin gf-zoho (also affecting Gravity Forms Zoho CRM and Bigin) up to version 1.2.9. The underlying issue is an object‑injection risk arising from deserialization in this plugin, which leads to potential ...

CVE-2025-60174 WordPress WP Gravity Forms Constant Contact plugin plugin <= 1.1.2 - Deserialization of untrusted data vulnerability

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Constant Contact Plugin gf-constant-contact allows Object Injection.This issue affects WP Gravity Forms Constant Contact Plugin: from n/a through = 1.1.2...

CVE-2025-60174 WordPress WP Gravity Forms Constant Contact plugin plugin <= 1.1.2 - Deserialization of untrusted data vulnerability

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Constant Contact Plugin gf-constant-contact allows Object Injection.This issue affects WP Gravity Forms Constant Contact Plugin: from n/a through = 1.1.2...

CVE-2025-60089

CVE-2025-60089 describes a Deserialization of Untrusted Data vulnerability in the WordPress plugin WP Gravity Forms FreshDesk Plugin gf-freshdesk (versions n/a through 1.3.5). The underlying issue is object injection via untrusted data during deserialization, as stated in multiple sources. The CV...

CVE-2025-60089 WordPress WP Gravity Forms FreshDesk plugin plugin <= 1.3.5 - Deserialization of untrusted data vulnerability

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms FreshDesk Plugin gf-freshdesk allows Object Injection.This issue affects WP Gravity Forms FreshDesk Plugin: from n/a through = 1.3.5...

CVE-2025-60090

CVE-2025-60090 affects the WordPress plugin “WP Gravity Forms Insightly” (GF-Insightly) for CRM Perks, with affected versions from unspecified n/a up to and including 1.1.6. The issue is a deserialization of untrusted data that allows Object Injection . The CVSS 3.1 base metrics indicate a CRITIC...

EUVD-2025-204104

Deserialization of Untrusted Data vulnerability in add-ons.org PDF for Elementor Forms + Drag And Drop Template Builder pdf-for-elementor-forms allows Object Injection.This issue affects PDF for Elementor Forms + Drag And Drop Template Builder: from n/a through = 6.3.1...

CVE-2025-60080

CVE-2025-60080 affects the WordPress plugin PDF for Gravity Forms + Drag And Drop Template Builder (versions n/a to 6.3.0, with related notices in other feeds). Root cause is Deserialization of Untrusted Data leading to Object Injection. This vulnerability is described across multiple sources (Re...