WordPress Buying Buddy IDX CRM plugin <= 1.2.8 - CSRF to PHP Object Injection vulnerability

CSRF to PHP Object Injection vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Buying Buddy IDX CRM versions = 1.2.8...

WordPress Geolocator plugin <= 1.1 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Geolocator versions = 1.1...

WordPress Team Rosters plugin <= 4.8.2 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Team Rosters versions = 4.8.2...

WordPress QRMenu Restaurant QR Menu Lite Plugin <= 1.0.3 is vulnerable to PHP Object Injection

Software QRMenu Restaurant QR Menu Lite Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-52445 Patch priority Medium CVSS severity Medium 8.8 Developer Claim ownership PSID faf2a3afc906 Credits LVT-tholv2k Required...

WordPress Geolocator Plugin <= 1.1 is vulnerable to PHP Object Injection

Software Geolocator Type Plugin Vulnerable versions = 1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-52443 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 70b8a65b2fb3 Credits LVT-tholv2k Required privilege Unauthenticated...

WordPress Quick Learn Plugin <= 1.0.1 is vulnerable to PHP Object Injection

Software Quick Learn Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-52441 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 09d3039a1cf9 Credits LVT-tholv2k Required privilege Unauthenticated...

WordPress Team Rosters Plugin <= 4.6 is vulnerable to PHP Object Injection

Software Team Rosters Type Plugin Vulnerable versions = 4.6 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-52439 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 946aef8ce4ba Credits Mika Required privilege Unauthenticated Publish...

WordPress Xpresslane Fast Checkout Plugin <= 1.0.0 is vulnerable to PHP Object Injection

Software Xpresslane Fast Checkout Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-52440 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 2eaf53da7194 Credits LVT-tholv2k Required privilege...

CVE-2024-52410 WordPress Referrer Detector plugin <= 4.2.1.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Phoenixheart Referrer Detector referrer-detector allows Object Injection.This issue affects Referrer Detector: from n/a through = 4.2.1.0...

CVE-2024-52410 WordPress Referrer Detector plugin <= 4.2.1.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Phoenixheart Referrer Detector referrer-detector allows Object Injection.This issue affects Referrer Detector: from n/a through = 4.2.1.0...

CVE-2024-52411 WordPress Advanced Personalization plugin <= 1.1.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in flowcraft Advanced Personalization personalization-by-flowcraft allows Object Injection.This issue affects Advanced Personalization: from n/a through = 1.1.2...

CVE-2024-52411 WordPress Advanced Personalization plugin <= 1.1.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Flowcraft UX Design Studio Advanced Personalization allows Object Injection.This issue affects Advanced Personalization: from n/a through 1.1.2...

CVE-2024-52413 WordPress Airin Blog theme <= 1.6.1 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in dmcwebzone Airin Blog airin-blog allows Object Injection.This issue affects Airin Blog: from n/a through = 1.6.1...

CVE-2024-52413 WordPress Airin Blog theme <= 1.6.1 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in DMC Airin Blog allows Object Injection.This issue affects Airin Blog: from n/a through 1.6.1...

CVE-2024-52414 WordPress WDES Responsive Mobile Menu plugin <= 5.3.18 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Anthony Carbon WDES Responsive Mobile Menu wdes-responsive-mobile-menu allows Object Injection.This issue affects WDES Responsive Mobile Menu: from n/a through = 5.3.18...

CVE-2024-52415 WordPress SK WP Settings Backup plugin <= 1.0 - CSRF to PHP Object Injection vulnerability

Cross-Site Request Forgery CSRF vulnerability in skipstorm SK WP Settings Backup sk-wp-settings-backup allows Object Injection.This issue affects SK WP Settings Backup: from n/a through = 1.0...

CVE-2024-52415 WordPress SK WP Settings Backup plugin <= 1.0 - CSRF to PHP Object Injection vulnerability

Cross-Site Request Forgery CSRF vulnerability in skipstorm SK WP Settings Backup sk-wp-settings-backup allows Object Injection.This issue affects SK WP Settings Backup: from n/a through = 1.0...

WordPress My Geo Posts Free plugin <= 1.2 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin My Geo Posts Free versions = 1.2...

WordPress Lis Video Gallery plugin <= 0.2.1 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Lis Video Gallery versions = 0.2.1...

WordPress Lis Video Gallery Plugin <= 0.2.1 is vulnerable to PHP Object Injection

Software Lis Video Gallery Type Plugin Vulnerable versions = 0.2.1 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-52430 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID a078bb126c5a Credits LVT-tholv2k Required privilege...