Lucene search
K

8194 matches found

NVD
NVD
added yesterday5 views

CVE-2026-59521

Deserialization of Untrusted Data vulnerability in ShapedPlugin LLC Real Testimonials testimonial-free allows Object Injection.This issue affects Real Testimonials: from n/a through = 3.1.15...

7.2CVSS0.00539EPSS
Exploits0References1
NVD
NVD
added yesterday6 views

CVE-2026-59518

Deserialization of Untrusted Data vulnerability in wpWax Directorist directorist allows Object Injection.This issue affects Directorist: from n/a through = 8.8.2...

9.8CVSS0.00564EPSS
Exploits0References1
NVD
NVD
added yesterday5 views

CVE-2026-57770

Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Photography grandphotography allows Object Injection.This issue affects Grand Photography: from n/a through = 5.7.8...

9.8CVSS0.00564EPSS
Exploits0References1
NVD
NVD
added yesterday5 views

CVE-2026-57738

Deserialization of Untrusted Data vulnerability in axiomthemes 777 triple-seven allows Object Injection.This issue affects 777: from n/a through = 1.13.0...

9.8CVSS0.00564EPSS
Exploits0References1
NVD
NVD
added yesterday4 views

CVE-2026-57744

Deserialization of Untrusted Data vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Object Injection.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...

9.8CVSS0.00564EPSS
Exploits0References1
NVD
NVD
added yesterday4 views

CVE-2026-57724

Deserialization of Untrusted Data vulnerability in Themeum Kirki kirki allows Object Injection.This issue affects Kirki: from n/a through = 6.0.12...

9.8CVSS0.00564EPSS
Exploits0References1
NVD
NVD
added yesterday5 views

CVE-2026-57713

Deserialization of Untrusted Data vulnerability in Marcus aka @msykes Events Manager events-manager allows Object Injection.This issue affects Events Manager: from n/a through = 7.3.6...

8.8CVSS0.00461EPSS
Exploits0References1
NVD
NVD
added yesterday3 views

CVE-2026-57371

Deserialization of Untrusted Data vulnerability in denishua WPJAM Basic wpjam-basic allows Object Injection.This issue affects WPJAM Basic: from n/a through = 7.0...

8.8CVSS0.00518EPSS
Exploits0References1
EUVD
EUVD
added yesterday6 views

EUVD-2026-43286

The Database for Contact Form 7, WPforms, Elementor forms WordPress plugin before 1.5.2 does not restrict the PHP classes allowed when unserializing an attacker-supplied form-field value, allowing unauthenticated users to inject arbitrary PHP objects that are instantiated when an administrator...

5CVSS6.2AI score0.00157EPSS
Exploits0References2
Cvelist
Cvelist
added yesterday9 views

CVE-2026-57770 WordPress Grand Photography theme <= 5.7.8 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Photography grandphotography allows Object Injection.This issue affects Grand Photography: from n/a through = 5.7.8...

9.8CVSS0.00564EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday13 views

CVE-2026-57744 WordPress RT-Theme 18 | Extensions plugin <= 2.5 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Object Injection.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...

9.8CVSS0.00564EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday11 views

CVE-2026-59521 WordPress Real Testimonials plugin <= 3.1.15 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in ShapedPlugin LLC Real Testimonials testimonial-free allows Object Injection.This issue affects Real Testimonials: from n/a through = 3.1.15...

7.2CVSS0.00539EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday10 views

CVE-2026-59518 WordPress Directorist plugin <= 8.8.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in wpWax Directorist directorist allows Object Injection.This issue affects Directorist: from n/a through = 8.8.2...

9.8CVSS0.00564EPSS
Exploits0References1
CVE
CVE
added yesterday9 views

CVE-2026-57770

The CVE-2026-57770 entry concerns Deserialization of Untrusted Data in the WordPress Theme Grand Photography plugin/theme. Affected: Grand Photography versions up to 5.7.8. Root cause: PHP object injection arising from untrusted data deserialization. Impact: high confidentiality, integrity, and a...

9.8CVSS6.1AI score0.00564EPSS
Exploits0References1
CVE
CVE
added yesterday11 views

CVE-2026-57744

The CVE-2026-57744 entry describes a PHP Object Injection vulnerability in the WordPress plugin RT-Theme 18 Extensions, affected versions up to and including 2.5. The root cause is Deserialization of Untrusted Data, enabling object injection. Impact is rated high (CVSS 3.1: 9.8, Confidentiality/I...

9.8CVSS6.1AI score0.00564EPSS
Exploits0References1
CVE
CVE
added yesterday13 views

CVE-2026-59518

CVE-2026-59518 affects the WordPress Directorist plugin (Directorist) versions up to 8.8.2. It is a PHP object-injection vulnerability caused by deserialization of untrusted data, with CVSS v3.1 base score 9.8 (Network, Low attack complexity, No privileges, No user interaction; Confidentiality/In...

9.8CVSS6.1AI score0.00564EPSS
Exploits0References1
CVE
CVE
added yesterday5 views

CVE-2026-59521

The CVE-2026-59521 issue affects the WordPress Real Testimonials plugin (testimonial-free) by Deserialization of Untrusted Data, enabling PHP object injection in versions

7.2CVSS6.1AI score0.00539EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday11 views

CVE-2026-57738 WordPress 777 theme <= 1.13.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in axiomthemes 777 triple-seven allows Object Injection.This issue affects 777: from n/a through = 1.13.0...

9.8CVSS0.00564EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday11 views

CVE-2026-57713 WordPress Events Manager plugin <= 7.3.6 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Marcus aka @msykes Events Manager events-manager allows Object Injection.This issue affects Events Manager: from n/a through = 7.3.6...

8.8CVSS0.00461EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday11 views

CVE-2026-57724 WordPress Kirki plugin <= 6.0.12 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Themeum Kirki kirki allows Object Injection.This issue affects Kirki: from n/a through = 6.0.12...

9.8CVSS0.00564EPSS
Exploits0References1
Rows per page
Query Builder