Lucene search
K

34356 matches found

CVE
CVE
added 2026/03/25 4:14 p.m.6 views

CVE-2026-24989

CVE-2026-24989 describes a deserialization of untrusted data in the SUMO Affiliates Pro plugin for WordPress (affs), enabling PHP object injection. Affected: SUMO Affiliates Pro versions below 11.4.0. Root cause: deserialization of untrusted input leading to object injection. Impact: according to...

9.8CVSS5.8AI score0.00375EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 4:14 p.m.24 views

CVE-2026-24989 WordPress SUMO Affiliates Pro plugin < 11.4.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in FantasticPlugins SUMO Affiliates Pro affs allows Object Injection.This issue affects SUMO Affiliates Pro: from n/a through 11.4.0...

9.8CVSS0.00375EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 4:14 p.m.8 views

CVE-2026-24978

CVE-2026-24978 describes a Deserialization of Untrusted Data vulnerability in Jobica Core (NooTheme) that enables PHP Object Injection. Affected software: Jobica Core

8.8CVSS5.8AI score0.00344EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/25 4:14 p.m.2 views

CVE-2026-24981 WordPress Visionary Core plugin <= 1.4.9 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in NooTheme Visionary Core noo-visionary-core allows Object Injection.This issue affects Visionary Core: from n/a through = 1.4.9...

8.8CVSS5.8AI score0.00344EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/25 4:14 p.m.1 views

CVE-2026-24978 WordPress Jobica Core plugin <= 1.4.1 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in NooTheme Jobica Core jobica-core allows Object Injection.This issue affects Jobica Core: from n/a through = 1.4.1...

8.8CVSS5.8AI score0.00344EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 4:14 p.m.6 views

CVE-2026-24981

CVE-2026-24981 is a Deserialization of Untrusted Data vulnerability in Visionary Core (NooVisionary Core) affecting Visionary Core versions from a pre-release to and including 1.4.9. The issue allows PHP object injection due to deserialization of untrusted data. CVSS v3.1 vector: AV:N/AC:L/PR:L/U...

8.8CVSS5.8AI score0.00344EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 4:14 p.m.26 views

CVE-2026-24981 WordPress Visionary Core plugin <= 1.4.9 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in NooTheme Visionary Core noo-visionary-core allows Object Injection.This issue affects Visionary Core: from n/a through = 1.4.9...

8.8CVSS0.00344EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 4:14 p.m.23 views

CVE-2026-24978 WordPress Jobica Core plugin <= 1.4.1 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in NooTheme Jobica Core jobica-core allows Object Injection.This issue affects Jobica Core: from n/a through = 1.4.1...

8.8CVSS0.00344EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/25 4:14 p.m.0 views

CVE-2026-24976 WordPress Organici Library plugin <= 2.1.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in NooTheme Organici Library noo-organici-library allows Object Injection.This issue affects Organici Library: from n/a through = 2.1.2...

8.8CVSS5.8AI score0.00344EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 4:14 p.m.8 views

CVE-2026-24976

The CVE CVE-2026-24976 affects the Organici Library (noo-organici-library) in WordPress via an Authenticated (Subscriber+) PHP Object Injection vulnerability, with the vulnerability being disclosed by Wordfence and described as affecting Organici Library versions from - up to 2.1.2. The connected...

8.8CVSS5.8AI score0.00344EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 4:14 p.m.25 views

CVE-2026-24976 WordPress Organici Library plugin <= 2.1.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in NooTheme Organici Library noo-organici-library allows Object Injection.This issue affects Organici Library: from n/a through = 2.1.2...

8.8CVSS0.00344EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 4:14 p.m.23 views

CVE-2026-24974 WordPress CitiLights theme <= 3.7.1 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in NooTheme CitiLights noo-citilights allows Object Injection.This issue affects CitiLights: from n/a through = 3.7.1...

8.8CVSS0.00344EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 4:14 p.m.11 views

CVE-2026-24974

CVE-2026-24974 concerns the CitiLights WordPress Theme (noo-citilights) vulnerability: Deserialization of untrusted data enabling PHP object injection. Affected software: CitiLights Real Estate WordPress Theme (noo-citilights) versions up to and including 3.7.1. The issue is authenticated (Subscr...

8.8CVSS5.8AI score0.00344EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/25 4:14 p.m.3 views

CVE-2026-24974 WordPress CitiLights theme <= 3.7.1 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in NooTheme CitiLights noo-citilights allows Object Injection.This issue affects CitiLights: from n/a through = 3.7.1...

8.8CVSS5.8AI score0.00344EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 4:14 p.m.25 views

CVE-2026-24378 WordPress EventPrime plugin <= 4.2.8.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Metagauss EventPrime eventprime-event-calendar-management allows Object Injection.This issue affects EventPrime: from n/a through = 4.2.8.0...

9.8CVSS0.0051EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/25 4:14 p.m.2 views

CVE-2026-24378 WordPress EventPrime plugin <= 4.2.8.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Metagauss EventPrime eventprime-event-calendar-management allows Object Injection.This issue affects EventPrime: from n/a through = 4.2.8.0...

9.8CVSS5.8AI score0.0051EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 4:14 p.m.7 views

CVE-2026-24378

CVE-2026-24378 describes a Deserialization of Untrusted Data flaw in EventPrime (Events Calendar, Bookings and Tickets) that enables unauthenticated PHP object injection. Affected: EventPrime

9.8CVSS5.8AI score0.0051EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/25 4:14 p.m.3 views

CVE-2026-23971 WordPress WoodMart theme <= 8.3.8 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in xtemos WoodMart woodmart allows Object Injection.This issue affects WoodMart: from n/a through = 8.3.8...

8.1CVSS5.9AI score0.00308EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 4:14 p.m.15 views

CVE-2026-23971

CVE-2026-23971 concerns a Deserialization of Untrusted Data vulnerability in the WordPress WoodMart theme (WoodMart) affecting versions from unknown up to and including 8.3.8. The underlying issue is PHP Object Injection via untrusted data deserialization, with a high impact profile (CVSS 3.1: 8....

8.1CVSS5.8AI score0.00308EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 4:14 p.m.24 views

CVE-2026-23971 WordPress WoodMart theme <= 8.3.8 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in xtemos WoodMart woodmart allows Object Injection.This issue affects WoodMart: from n/a through = 8.3.8...

8.1CVSS0.00308EPSS
Exploits0References1
Rows per page
Query Builder