3726 matches found
WordPress plugin PGS Core 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...
WordPress Captivate Sync Plugin <= 3.0.3 - PHP Object Injection Vulnerability
PHP Object Injection Vulnerability discovered by stealthcopter in WordPress Plugin Captivate Sync versions = 3.0.3...
CVE-2025-2105
The Jupiter X Core plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.8.11 via deserialization of untrusted input from the 'file' parameter of the 'ravendownloadfile' function. This makes it possible for attackers to inject a PHP Object through a PH...
CVE-2025-2105
The Jupiter X Core plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.8.11 via deserialization of untrusted input from the 'file' parameter of the 'ravendownloadfile' function. This makes it possible for attackers to inject a PHP Object through a PH...
CVE-2025-2105
The Jupiter X Core plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.8.11 via deserialization of untrusted input from the 'file' parameter of the 'ravendownloadfile' function. This makes it possible for attackers to inject a PHP Object through a PH...
CVE-2025-2105 Jupiter X Core <= 4.8.11 - Unauthenticated PHP Object Injection via PHAR
The Jupiter X Core plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.8.11 via deserialization of untrusted input from the 'file' parameter of the 'ravendownloadfile' function. This makes it possible for attackers to inject a PHP Object through a PH...
CVE-2025-2105
CVE-2025-2105 (Jupiter X Core) affects WordPress Jupiter X Core plugin up to version 4.8.11. Vulnerability: PHP Object Injection via deserialization of untrusted input from the ‘file’ parameter of raven_download_file, enabling injection of a PHP object through a PHAR file. Impact is contingent on...
CVE-2025-2105 Jupiter X Core <= 4.8.11 - Unauthenticated PHP Object Injection via PHAR
The Jupiter X Core plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.8.11 via deserialization of untrusted input from the 'file' parameter of the 'ravendownloadfile' function. This makes it possible for attackers to inject a PHP Object through a PH...
WordPress plugin Jupiter X Core 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...
PT-2025-17948 · WordPress · Jupiter X Core
Name of the Vulnerable Software and Affected Versions: Jupiter X Core plugin for WordPress versions up to, and including, 4.8.11 Description: The issue allows for PHP Object Injection via deserialization of untrusted input from the file parameter of the raven download file function, making it...
WordPress Jupiter X Core plugin <= 4.8.11 - Unauthenticated PHP Object Injection via PHAR vulnerability
Unauthenticated PHP Object Injection via PHAR vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin JupiterX Core versions = 4.8.11...
WordPress Social Counter plugin <= 2.0.5 - PHP Object Injection Vulnerability
PHP Object Injection Vulnerability discovered by Nguyen Ngoc Quang Bach maysbachs in WordPress Plugin Social Counter versions = 2.0.5...
WordPress Flickr Shortcode Importer plugin <= 2.2.3 - PHP Object Injection Vulnerability
PHP Object Injection Vulnerability discovered by Ngo Bui Truong Vu in WordPress Plugin Flickr Shortcode Importer versions = 2.2.3...
CVE-2025-46473 WordPress Social Counter plugin <= 2.0.5 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in Prisna Social Counter social-counter allows Object Injection.This issue affects Social Counter: from n/a through = 2.0.5...
CVE-2025-46473 WordPress Social Counter plugin <= 2.0.5 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in Prisna Social Counter social-counter allows Object Injection.This issue affects Social Counter: from n/a through = 2.0.5...
CVE-2025-46481 WordPress Flickr Shortcode Importer plugin <= 2.2.3 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in Michael Cannon Flickr Shortcode Importer flickr-shortcode-importer allows Object Injection.This issue affects Flickr Shortcode Importer: from n/a through = 2.2.3...
WordPress Grand Restaurant WordPress theme <= 7.0 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Ananda Dhakal Patchstack in WordPress Theme Grand Restaurant versions = 7.0...
WordPress CiyaShop theme <= 4.18.0 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Bonds Patchstack Alliance in WordPress Theme CiyaShop versions = 4.18.0...
WordPress Grand Conference theme <= 5.3 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Bonds in WordPress Theme Grand Conference versions = 5.3...
WordPress Foodbakery Sticky Cart plugin <= 3.2 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Bonds Patchstack Alliance in WordPress Plugin Foodbakery Sticky Cart versions = 3.2...