25 matches found
EUVD-2021-11194
Malware in sbrugna...
EUVD-2025-4449
Malicious code in bioql PyPI...
CVE-2025-24777
CVE-2025-24777 is a PHP Object Injection vulnerability in the WordPress Hillter theme (Hillter) caused by deserialization of untrusted data. Affected: Hillter versions
CVE-2025-28961
CVE-2025-28961 corresponds to a deserialization of untrusted data vulnerability in the WordPress URL Shortener plugin (Md Yeasin Ul Haider) 3.0.7 when available, as stated in the sources. The vulnerability is not described as rejected or reserved in the provided materials.
WordPress SureForms plugin <= 1.7.3 - Unauthenticated PHP Object Injection (PHAR) vulnerability
Unauthenticated PHP Object Injection PHAR vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin SureForms versions = 1.7.3...
CVE-2025-52827 WordPress Nuss theme <= 1.3.3 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in uxper Nuss nuss allows Object Injection.This issue affects Nuss: from n/a through = 1.3.3...
CVE-2025-49507 WordPress CozyStay theme < 1.7.1 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in LoftOcean CozyStay cozystay allows Object Injection.This issue affects CozyStay: from n/a through 1.7.1...
WordPress TinySalt Theme < 3.10.0 is vulnerable to PHP Object Injection
Software TinySalt Type Theme Vulnerable versions 3.10.0 Fixed in 3.10.0 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2025-49455 Patch priority High CVSS severity High 9.8 Developer LoftOcean PSID 832baca8d9fd Credits Bonds Required privilege Unauthenticated Published 9...
CVE-2025-32292 WordPress Jarvis – Night Club, Concert, Festival WordPress theme <= 1.8.11 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in AncoraThemes Jarvis – Night Club, Concert, Festival WordPress jarvis allows Object Injection.This issue affects Jarvis – Night Club, Concert, Festival WordPress: from n/a through = 1.8.11...
CVE-2025-32928 WordPress Altair theme <= 5.2.2 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in ThemeGoods Altair allows Object Injection.This issue affects Altair: from n/a through 5.2.2...
CVE-2025-39349 WordPress CiyaShop theme <= 4.18.0 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Potenzaglobalsolutions CiyaShop allows Object Injection.This issue affects CiyaShop: from n/a through 4.18.0...
CVE-2025-39410 WordPress Smart Sections Theme Builder - WPBakery Page Builder Addon plugin <= 1.7.8 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in themegusta Smart Sections Theme Builder - WPBakery Page Builder Addon.This issue affects Smart Sections Theme Builder - WPBakery Page Builder Addon: from n/a through 1.7.8...
WordPress WP-CRM System plugin <= 3.4.5 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Ngo Bui Truong Vu in WordPress Plugin WP-CRM System versions = 3.4.5...
CVE-2025-27287 WordPress SS Quiz Plugin <= 2.0.5 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in ssvadim SS Quiz ssquiz allows Object Injection.This issue affects SS Quiz: from n/a through = 2.0.5...
CVE-2025-32658 WordPress HelpGent plugin <= 2.2.4 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in wpWax HelpGent allows Object Injection. This issue affects HelpGent: from n/a through 2.2.4...
WordPress Question Answer plugin <= 1.2.73 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by LVT-tholv2k in WordPress Plugin Question Answer versions = 1.2.73...
CVE-2025-32145 WordPress WpEvently plugin <= 4.3.5 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in magepeopleteam WpEvently allows Object Injection. This issue affects WpEvently: from n/a through 4.3.5...
CVE-2024-56059 WordPress Partners plugin <= 0.2.0 - PHP Object Injection vulnerability
Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' vulnerability in farinspace Partners partners allows Object Injection.This issue affects Partners: from n/a through = 0.2.0...
CVE-2024-52430 WordPress Lis Video Gallery plugin <= 0.2.1 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in bublick Lis Video Gallery lis-video-gallery allows Object Injection.This issue affects Lis Video Gallery: from n/a through = 0.2.1...
CVE-2024-49332 WordPress Giveaway Boost plugin <= 2.1.4 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Giveaway Boost allows Object Injection.This issue affects Giveaway Boost: from n/a through 2.1.4...