CVE-2025-39550 WordPress FluentCommunity plugin <= 1.2.15 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in Shahjahan Jewel FluentCommunity fluent-community allows Object Injection.This issue affects FluentCommunity: from n/a through = 1.2.15...

CVE-2025-39551 WordPress FluentBoards plugin <= 1.47 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in Mahmudul Hasan Arif FluentBoards fluent-boards allows Object Injection.This issue affects FluentBoards: from n/a through = 1.47...

CVE-2025-39551 WordPress FluentBoards <= 1.47 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in Mahmudul Hasan Arif FluentBoards allows Object Injection. This issue affects FluentBoards: from n/a through 1.47...

CVE-2025-39551

CVE-2025-39551 : FluentBoards plugin for WordPress ≤ 1.47 is affected by a deserialization of untrusted data vulnerability that enables PHP object injection. The issue is severe (CVSS 3.1/3.1) with a base score of 9.8 (CRITICAL) and impact across confidentiality, integrity, and availability. Publ...

WordPress Smart Sections Theme Builder - WPBakery Page Builder Addon plugin <= 1.7.8 - PHP Object Injection vulnerability

WordPress Smart Sections Theme Builder - WPBakery Page Builder Addon plugin = 1.7.8 - PHP Object Injection vulnerability discovered by Bonds Patchstack Alliance in WordPress Plugin Smart Sections Theme Builder - WPBakery Page Builder Addon versions = 1.7.8...

WordPress FluentCommunity plugin <= 1.2.15 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin FluentCommunity versions = 1.2.15...

WordPress FluentBoards plugin <= 1.47 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin FluentBoards versions = 1.47...

WordPress Rating by BestWebSoft plugin <= 1.7 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by Le Ngoc Anh in WordPress Plugin Rating by BestWebSoft versions = 1.7...

WordPress MelaPress Login Security plugin <= 2.1.0 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by Phan Trong Quan - VNPT Cyber Immunity in WordPress Plugin MelaPress Login Security versions = 2.1.0...

WordPress HelpGent plugin <= 2.2.5 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by LVT-tholv2k in WordPress Plugin HelpGent versions = 2.2.5...

CVE-2025-39565 WordPress MelaPress Login Security plugin <= 2.1.0 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in Melapress MelaPress Login Security melapress-login-security allows Object Injection.This issue affects MelaPress Login Security: from n/a through = 2.1.0...

CVE-2025-39565 WordPress MelaPress Login Security <= 2.1.0 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in Melapress MelaPress Login Security allows Object Injection. This issue affects MelaPress Login Security: from n/a through 2.1.0...

CVE-2025-39565

CVE-2025-39565 describes a PHP Object Injection via deserialization of untrusted data in the WordPress plugin MelaPress Login Security . Affected versions are from n/a through 2.1.0. Root cause: deserializing untrusted data that can lead to object injection. Impact per sources is high (confidenti...

WordPress Kata Plus Plugin <= 1.5.3 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Le Ngoc Anh in WordPress Plugin Kata Plus versions = 1.5.3...

CVE-2025-30985 WordPress GNUCommerce plugin <= 1.5.4 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in kagla GNUCommerce gnucommerce allows Object Injection.This issue affects GNUCommerce: from n/a through = 1.5.4...

CVE-2025-30985 WordPress GNUCommerce plugin <= 1.5.4 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in kagla GNUCommerce gnucommerce allows Object Injection.This issue affects GNUCommerce: from n/a through = 1.5.4...

WordPress Team Members plugin <= 3.4.4 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Team Members Plugin versions = 3.4.4...

WordPress TuriTop Booking System Plugin <= 1.0.10 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by LVT-tholv2k in WordPress Plugin TuriTop Booking System versions = 1.0.10...

WordPress Question Answer plugin <= 1.2.73 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by LVT-tholv2k in WordPress Plugin Question Answer versions = 1.2.73...

CVE-2025-3439

The Everest Forms – Contact Form, Quiz, Survey, Newsletter & Payment Form Builder for WordPress plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.1.1 via deserialization of untrusted input from the 'fieldvalue' parameter. This makes it possible for...