EUVD-2025-28794

Malicious code in bioql PyPI...

CVE-2025-8145

The Redirection for Contact Form 7 plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.2.4 via deserialization of untrusted input in the getleadfields function. This makes it possible for unauthenticated attackers to inject a PHP Object. The addition...

CVE-2025-8145 Redirection for Contact Form 7 <= 3.2.4 - Unauthenticated PHP Object Injection

The Redirection for Contact Form 7 plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.2.4 via deserialization of untrusted input in the getleadfields function. This makes it possible for unauthenticated attackers to inject a PHP Object. The addition...

CVE-2025-8145

CVE-2025-8145 affects the WordPress plugin Redirection for Contact Form 7 (versions up to and including 3.2.4). The vulnerability arises from deserialization of untrusted input in the get_lead_fields function, enabling unauthenticated PHP object injection. The presence of a POP chain in the plugi...

CVE-2025-8145 Redirection for Contact Form 7 <= 3.2.4 - Unauthenticated PHP Object Injection

The Redirection for Contact Form 7 plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.2.4 via deserialization of untrusted input in the getleadfields function. This makes it possible for unauthenticated attackers to inject a PHP Object. The addition...