CVE-2024-49218 WordPress Recently plugin <= 1.1 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Al Imran Akash Recently recently-viewed-most-viewed-and-sold-products-for-woocommerce allows Object Injection.This issue affects Recently: from n/a through = 1.1...

CVE-2024-49226 WordPress TAKETIN To WP Membership plugin <= 2.8.17 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in taketin TAKETIN To WP Membership taketin-to-wp-membership allows Object Injection.This issue affects TAKETIN To WP Membership: from n/a through = 2.8.17...

CVE-2024-49226 WordPress TAKETIN To WP Membership plugin <= 2.8.17 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in taketin TAKETIN To WP Membership taketin-to-wp-membership allows Object Injection.This issue affects TAKETIN To WP Membership: from n/a through = 2.8.17...

CVE-2024-49227 WordPress Free Stock Photos Foter plugin <= 1.5.4 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in foter Free Stock Photos Foter free-stock-photos-foter allows Object Injection.This issue affects Free Stock Photos Foter: from n/a through = 1.5.4...

CVE-2024-49227 WordPress Free Stock Photos Foter plugin <= 1.5.4 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in foter Free Stock Photos Foter free-stock-photos-foter allows Object Injection.This issue affects Free Stock Photos Foter: from n/a through = 1.5.4...

CVE-2024-9634

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.16.3 via deserialization of untrusted input from the givecompanyname parameter. This makes it possible for unauthenticated attackers to inject a...

CVE-2024-9634 GiveWP – Donation Plugin and Fundraising Platform <= 3.16.3 - Unauthenticated PHP Object Injection to Remote Code Execution

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.16.3 via deserialization of untrusted input from the givecompanyname parameter. This makes it possible for unauthenticated attackers to inject a...

CVE-2024-9634 GiveWP – Donation Plugin and Fundraising Platform <= 3.16.3 - Unauthenticated PHP Object Injection to Remote Code Execution

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.16.3 via deserialization of untrusted input from the givecompanyname parameter. This makes it possible for unauthenticated attackers to inject a...

CVE-2024-9634

CVE-2024-9634 affects GiveWP – Donation Plugin and Fundraising Platform for WordPress (

WordPress My Reading Library plugin <= 1.0 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin My Reading Library versions = 1.0...

WordPress GiveWP plugin <= 3.16.3 - Unauthenticated PHP Object Injection to Remote Code Execution vulnerability

Unauthenticated PHP Object Injection to Remote Code Execution vulnerability discovered by lefab in WordPress Plugin GiveWP versions = 3.16.3...

WordPress GiveWP Plugin <= 3.16.3 is vulnerable to PHP Object Injection

Software GiveWP Type Plugin Vulnerable versions = 3.16.3 Fixed in 3.16.4 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-9634 Patch priority High CVSS severity High 10 Developer Liquid Web / StellarWP PSID a33794a83e6f Credits lefab Required privilege Unauthenticated...

WordPress My Reading Library Plugin <= 1.0 is vulnerable to PHP Object Injection

Software My Reading Library Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-49318 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 404c7fdc5e2d Credits LVT-tholv2k Required privilege...

WordPress plugin GiveWP – Donation Plugin and Fundraising Platform 代码问题漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in...

WordPress Free Stock Photos Foter plugin <= 1.5.4 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Free Stock Photos Foter versions = 1.5.4...

WordPress TAKETIN To WP Membership plugin <= 2.8.17 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by LVT-tholv2k in WordPress Plugin TAKETIN To WP Membership versions = 2.8.17...

WordPress Recently plugin <= 1.1 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Recently versions = 1.1...

WordPress Free Stock Photos Foter Plugin <= 1.5.4 is vulnerable to PHP Object Injection

Software Free Stock Photos Foter Type Plugin Vulnerable versions = 1.5.4 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-49227 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 0e6ee5afeccb Credits LVT-tholv2k Required privilege...

WordPress TAKETIN To WP Membership Plugin <= 2.8.1 is vulnerable to PHP Object Injection

Software TAKETIN To WP Membership Type Plugin Vulnerable versions = 2.8.1 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-49226 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID e430761eddd4 Credits LVT-tholv2k Required privilege...

CVE-2024-48033 WordPress Talkback plugin <= 1.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in baptiste.gourdin Talkback talkback-secure-linkback-protocol allows Object Injection.This issue affects Talkback: from n/a through = 1.0...