34322 matches found
CVE-2026-25031
Deserialization of Untrusted Data vulnerability in parkofideas Tasty Daily tastydaily allows Object Injection.This issue affects Tasty Daily: from n/a through 1.27...
CVE-2026-25032
Deserialization of Untrusted Data vulnerability in parkofideas Ricky ricky allows Object Injection.This issue affects Ricky: from n/a through 2.31...
CVE-2026-24989
Deserialization of Untrusted Data vulnerability in FantasticPlugins SUMO Affiliates Pro affs allows Object Injection.This issue affects SUMO Affiliates Pro: from n/a through 11.4.0...
CVE-2026-24978
Deserialization of Untrusted Data vulnerability in NooTheme Jobica Core jobica-core allows Object Injection.This issue affects Jobica Core: from n/a through = 1.4.1...
CVE-2026-24981
Deserialization of Untrusted Data vulnerability in NooTheme Visionary Core noo-visionary-core allows Object Injection.This issue affects Visionary Core: from n/a through = 1.4.9...
CVE-2026-24974
Deserialization of Untrusted Data vulnerability in NooTheme CitiLights noo-citilights allows Object Injection.This issue affects CitiLights: from n/a through = 3.7.1...
CVE-2026-24976
Deserialization of Untrusted Data vulnerability in NooTheme Organici Library noo-organici-library allows Object Injection.This issue affects Organici Library: from n/a through = 2.1.2...
CVE-2026-24378
Deserialization of Untrusted Data vulnerability in Metagauss EventPrime eventprime-event-calendar-management allows Object Injection.This issue affects EventPrime: from n/a through = 4.2.8.0...
CVE-2026-23971
Deserialization of Untrusted Data vulnerability in xtemos WoodMart woodmart allows Object Injection.This issue affects WoodMart: from n/a through = 8.3.8...
CVE-2026-22510
Deserialization of Untrusted Data vulnerability in AncoraThemes Melody melodyschool allows Object Injection.This issue affects Melody: from n/a through = 1.6.3...
CVE-2026-22500
Deserialization of Untrusted Data vulnerability in axiomthemes m2 | Construction and Tools Store m2-ce allows Object Injection.This issue affects m2 | Construction and Tools Store: from n/a through = 1.1.2...
CVE-2026-22505
Deserialization of Untrusted Data vulnerability in AncoraThemes Morning Records morning-records allows Object Injection.This issue affects Morning Records: from n/a through = 1.2...
CVE-2026-22507
Deserialization of Untrusted Data vulnerability in AncoraThemes Beelove beelove allows Object Injection.This issue affects Beelove: from n/a through = 1.2.6...
CVE-2026-22480
Deserialization of Untrusted Data vulnerability in WebToffee Product Feed for WooCommerce webtoffee-product-feed allows Object Injection.This issue affects Product Feed for WooCommerce: from n/a through = 2.3.3...
SUSE CVE-2026-23300
In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop When a standalone IPv6 nexthop object is created with a loopback device e.g., "ip -6 nexthop add id 100 dev lo", fib6nhinit misclassifies it as a reject route...
CVE-2026-32535 WordPress JS Help Desk plugin <= 3.0.3 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in JoomSky JS Help Desk js-support-ticket allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk: from n/a through = 3.0.3...
CVE-2026-32535 WordPress JS Help Desk plugin <= 3.0.3 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in JoomSky JS Help Desk js-support-ticket allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk: from n/a through = 3.0.3...
CVE-2026-32535
The provided Connected documents confirm CVE-2026-32535 affects the WordPress JS Help Desk plugin (versions ≤ 3.0.3). The vulnerability is an Insecure Direct Object References (IDOR) leading to an Authorization Bypass through a User-Controlled Key, caused by misconfigured access control security ...
CVE-2026-32533 WordPress LatePoint plugin <= 5.2.6 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in LatePoint LatePoint latepoint allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LatePoint: from n/a through = 5.2.6...
CVE-2026-32533
CVE-2026-32533 (WordPress LatePoint plugin 5.2.6 are implied), or apply vendor-provided mitigation if available in connected sources. If exploitation details are not documented, note that no exploitation details are provided in the supplied documents.