34356 matches found
CVE-2026-25359 WordPress Pendulum theme < 3.1.5 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in rascals Pendulum pendulum allows Object Injection.This issue affects Pendulum: from n/a through 3.1.5...
CVE-2026-25360
CVE-2026-25360 corresponds to a Deserialization of Untrusted Data vulnerability in the Vex plugin by Vex (Vex) for WordPress. Affected product: Vex = 1.2.9). Connected Wordfence details also list the CVE-2026-25360 under the Wordfence vulnerability repository with the same patched status and attr...
CVE-2026-25360 WordPress Vex theme < 1.2.9 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in rascals Vex vex allows Object Injection.This issue affects Vex: from n/a through 1.2.9...
CVE-2026-25359
CVE-2026-25359 describes a Deserialization of Untrusted Data vulnerability in the Pendulum theme for WordPress, allowing PHP Object Injection. Affected software: Pendulum from no public earliest version up to
CVE-2026-25358 WordPress Meloo theme < 2.8.2 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in rascals Meloo meloo allows Object Injection.This issue affects Meloo: from n/a through 2.8.2...
CVE-2026-25358 WordPress Meloo theme < 2.8.2 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in rascals Meloo meloo allows Object Injection.This issue affects Meloo: from n/a through 2.8.2...
CVE-2026-25358
The CVE-2026-25358 entry covers a PHP object-injection vulnerability in the WordPress Meloo theme, affecting Meloo versions prior to 2.8.2. Root cause: deserialization of untrusted data could lead to object injection. Impact as stated includes high confidentiality, integrity, and availability con...
CVE-2026-25030 WordPress Goldish theme < 3.47 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in parkofideas Goldish goldish allows Object Injection.This issue affects Goldish: from n/a through 3.47...
CVE-2026-25031
The CVE-2026-25031 advisory describes a Deserialization of Untrusted Data vulnerability in the WordPress theme Tasty Daily by park_of_ideas. Concrete details across connected sources show that the issue is an Object Injection vulnerability in Tasty Daily tastydaily prior to version 1.27, caused b...
CVE-2026-25032 WordPress Ricky theme < 2.31 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in parkofideas Ricky ricky allows Object Injection.This issue affects Ricky: from n/a through 2.31...
CVE-2026-25030
CVE-2026-25030 affects WordPress Goldish theme versions prior to 3.47. The vulnerability is due to deserialization of untrusted data, enabling PHP object injection in Goldish. Impact is described as high for confidentiality, integrity, and availability with network access and no user interaction ...
CVE-2026-25030 WordPress Goldish theme < 3.47 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in parkofideas Goldish goldish allows Object Injection.This issue affects Goldish: from n/a through 3.47...
CVE-2026-25031 WordPress Tasty Daily theme < 1.27 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in parkofideas Tasty Daily tastydaily allows Object Injection.This issue affects Tasty Daily: from n/a through 1.27...
CVE-2026-25031 WordPress Tasty Daily theme < 1.27 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in parkofideas Tasty Daily tastydaily allows Object Injection.This issue affects Tasty Daily: from n/a through 1.27...
CVE-2026-25032 WordPress Ricky theme < 2.31 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in parkofideas Ricky ricky allows Object Injection.This issue affects Ricky: from n/a through 2.31...
CVE-2026-25032
CVE-2026-25032 affects WordPress Ricky theme versions prior to 2.31. The issue is a Deserialization of Untrusted Data vulnerability that allows PHP Object Injection via the Ricky theme’s deserialization path. Current sources describe the affected component as the Ricky WordPress theme and indicat...
CVE-2026-25029
CVE-2026-25029 concerns the WordPress KIDZ theme (KIDZ) with versions up to 5.24. The issue is a Deserialization of Untrusted Data vulnerability that enables PHP Object Injection in the KIDZ component. Root cause: untrusted data deserialization allowing object injection, potentially enabling mali...
CVE-2026-25029 WordPress KIDZ theme <= 5.24 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in parkofideas KIDZ kidz allows Object Injection.This issue affects KIDZ: from n/a through = 5.24...
CVE-2026-25029 WordPress KIDZ theme <= 5.24 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in parkofideas KIDZ kidz allows Object Injection.This issue affects KIDZ: from n/a through = 5.24...
CVE-2026-24989 WordPress SUMO Affiliates Pro plugin < 11.4.0 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in FantasticPlugins SUMO Affiliates Pro affs allows Object Injection.This issue affects SUMO Affiliates Pro: from n/a through 11.4.0...