Lucene search
K

25 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-11194

Malware in sbrugna...

8.8CVSS8.6AI score0.01967EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-4449

Malicious code in bioql PyPI...

7.2CVSS9.2AI score0.0062EPSS
Exploits0References3
CVE
CVE
added 2025/07/16 11:28 a.m.21 views

CVE-2025-24777

CVE-2025-24777 is a PHP Object Injection vulnerability in the WordPress Hillter theme (Hillter) caused by deserialization of untrusted data. Affected: Hillter versions

8.8CVSS5.2AI score0.00462EPSS
Exploits0References1
CVE
CVE
added 2025/07/16 11:28 a.m.24 views

CVE-2025-28961

CVE-2025-28961 corresponds to a deserialization of untrusted data vulnerability in the WordPress URL Shortener plugin (Md Yeasin Ul Haider) 3.0.7 when available, as stated in the sources. The vulnerability is not described as rejected or reserved in the provided materials.

9.8CVSS5.9AI score0.00503EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/07/08 5:41 p.m.12 views

WordPress SureForms plugin <= 1.7.3 - Unauthenticated PHP Object Injection (PHAR) vulnerability

Unauthenticated PHP Object Injection PHAR vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin SureForms versions = 1.7.3...

7.5CVSS7.1AI score0.00465EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/06/27 11:52 a.m.28 views

CVE-2025-52827 WordPress Nuss theme <= 1.3.3 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in uxper Nuss nuss allows Object Injection.This issue affects Nuss: from n/a through = 1.3.3...

8.8CVSS0.00344EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/10 12:42 p.m.15 views

CVE-2025-49507 WordPress CozyStay theme < 1.7.1 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in LoftOcean CozyStay cozystay allows Object Injection.This issue affects CozyStay: from n/a through 1.7.1...

9.8CVSS0.00509EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/06/09 12:0 a.m.8 views

WordPress TinySalt Theme < 3.10.0 is vulnerable to PHP Object Injection

Software TinySalt Type Theme Vulnerable versions 3.10.0 Fixed in 3.10.0 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2025-49455 Patch priority High CVSS severity High 9.8 Developer LoftOcean PSID 832baca8d9fd Credits Bonds Required privilege Unauthenticated Published 9...

9.8CVSS7.2AI score0.00362EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/05/23 12:43 p.m.19 views

CVE-2025-32292 WordPress Jarvis – Night Club, Concert, Festival WordPress theme <= 1.8.11 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in AncoraThemes Jarvis – Night Club, Concert, Festival WordPress jarvis allows Object Injection.This issue affects Jarvis – Night Club, Concert, Festival WordPress: from n/a through = 1.8.11...

9.8CVSS0.00503EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/19 7:53 p.m.16 views

CVE-2025-32928 WordPress Altair theme <= 5.2.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in ThemeGoods Altair allows Object Injection.This issue affects Altair: from n/a through 5.2.2...

9.8CVSS6.9AI score0.00396EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/19 7:51 p.m.10 views

CVE-2025-39349 WordPress CiyaShop theme <= 4.18.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Potenzaglobalsolutions CiyaShop allows Object Injection.This issue affects CiyaShop: from n/a through 4.18.0...

9.8CVSS6.9AI score0.00396EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/19 6:58 p.m.25 views

CVE-2025-39410 WordPress Smart Sections Theme Builder - WPBakery Page Builder Addon plugin <= 1.7.8 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in themegusta Smart Sections Theme Builder - WPBakery Page Builder Addon.This issue affects Smart Sections Theme Builder - WPBakery Page Builder Addon: from n/a through 1.7.8...

9.8CVSS0.00408EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/05/07 3:6 p.m.12 views

WordPress WP-CRM System plugin <= 3.4.5 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Ngo Bui Truong Vu in WordPress Plugin WP-CRM System versions = 3.4.5...

7.2CVSS8.4AI score0.00467EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2025/04/17 3:48 p.m.13 views

CVE-2025-27287 WordPress SS Quiz Plugin <= 2.0.5 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in ssvadim SS Quiz ssquiz allows Object Injection.This issue affects SS Quiz: from n/a through = 2.0.5...

9.8CVSS0.00503EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/17 3:47 p.m.5 views

CVE-2025-32658 WordPress HelpGent plugin <= 2.2.4 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in wpWax HelpGent allows Object Injection. This issue affects HelpGent: from n/a through 2.2.4...

9.8CVSS6.9AI score0.00424EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/04/14 1:31 p.m.6 views

WordPress Question Answer plugin <= 1.2.73 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by LVT-tholv2k in WordPress Plugin Question Answer versions = 1.2.73...

8.8CVSS8.5AI score0.00383EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2025/04/10 8:9 a.m.10 views

CVE-2025-32145 WordPress WpEvently plugin <= 4.3.5 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in magepeopleteam WpEvently allows Object Injection. This issue affects WpEvently: from n/a through 4.3.5...

8.8CVSS6.9AI score0.00419EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/18 11:38 a.m.23 views

CVE-2024-56059 WordPress Partners plugin <= 0.2.0 - PHP Object Injection vulnerability

Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' vulnerability in farinspace Partners partners allows Object Injection.This issue affects Partners: from n/a through = 0.2.0...

9.8CVSS0.0166EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/11/18 2:27 p.m.328 views

CVE-2024-52430 WordPress Lis Video Gallery plugin <= 0.2.1 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in bublick Lis Video Gallery lis-video-gallery allows Object Injection.This issue affects Lis Video Gallery: from n/a through = 0.2.1...

9.8CVSS0.0105EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/20 8:10 a.m.13 views

CVE-2024-49332 WordPress Giveaway Boost plugin <= 2.1.4 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Giveaway Boost allows Object Injection.This issue affects Giveaway Boost: from n/a through 2.1.4...

9.8CVSS9.5AI score0.00509EPSS
Exploits0References1
Rows per page
Query Builder