WordPress plugin Coupon X 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...

Exploit for CVE-2024-49699

CVE-2024-49699 ARPrice...

WordPress GiveWP Plugin <= 3.19.3 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Edisc from Zalopay security team in WordPress Plugin GiveWP versions = 3.19.3...

CVE-2025-22510 WordPress WC Price History for Omnibus plugin <= 2.1.4 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Konrad Karpieszuk WC Price History for Omnibus allows Object Injection.This issue affects WC Price History for Omnibus: from n/a through 2.1.4...

CVE-2025-22510

CVE-2025-22510 describes a Deserialization of Untrusted Data vulnerability in the WC Price History for Omnibus WordPress plugin (WC Price History) that allows Object Injection. Affected: WC Price History for Omnibus versions up to 2.1.4 (hosted on WordPress). Root cause: untrusted data deserializ...

Exploit for CVE-2025-22510

CVE-2025-22510 1️⃣ Component type WordPress plugin 2️...

WordPress WC Price History for Omnibus plugin <= 2.1.4 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Webula Patchstack Alliance in WordPress Plugin WC Price History for Omnibus versions = 2.1.4...

CVE-2024-49222

CVE-2024-49222 is a deserialization/PHP object injection vulnerability in WPGuppy (One to one user Chat by WPGuppy). Public details in the connected Red Hat entry confirm the issue affects WPGuppy up to version 1.1.0 and that a patch exists (patched). The Wordfence/WordPress vulnerability data al...

CVE-2024-56283 WordPress Locatoraid Store Locator Plugin <= 3.9.50 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in plainware.com Locatoraid Store Locator allows Object Injection.This issue affects Locatoraid Store Locator: from n/a through 3.9.50...

CVE-2024-56283

CVE-2024-56283 affects Locatoraid Store Locator (WordPress)

CVE-2024-56291 WordPress PlainInventory – Inventory Management Plugin Plugin <= 3.1.6 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in plainware PlainInventory z-inventory-manager allows Object Injection.This issue affects PlainInventory: from n/a through = 3.1.6...

CVE-2024-56291 WordPress PlainInventory – Inventory Management Plugin Plugin <= 3.1.6 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in plainware PlainInventory z-inventory-manager allows Object Injection.This issue affects PlainInventory: from n/a through = 3.1.6...

CVE-2024-12313

The Compare Products for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.2.1 via deserialization of untrusted input from the 'woocomparelist' cookie. This makes it possible for unauthenticated attackers to inject a PHP Object. No know...

CVE-2024-11465

The Custom Product Tabs for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.8.5 via deserialization of untrusted input in the 'yikeswooproductstabs' post meta parameter. This makes it possible for authenticated attackers, with Shop...

CVE-2024-12313 Compare Products for WooCommerce <= 3.2.1 - Unauthenticated PHP Object Injection

The Compare Products for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.2.1 via deserialization of untrusted input from the 'woocomparelist' cookie. This makes it possible for unauthenticated attackers to inject a PHP Object. No know...

CVE-2024-12313

CVE-2024-12313 : The Compare Products for WooCommerce plugin for WordPress is vulnerable to unauthenticated PHP Object Injection in all versions up to 3.2.1 via deserialization of untrusted input from the woo_compare_list cookie. The vulnerability allows an attacker to inject a PHP Object. The de...

CVE-2024-12313 Compare Products for WooCommerce <= 3.2.1 - Unauthenticated PHP Object Injection

The Compare Products for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.2.1 via deserialization of untrusted input from the 'woocomparelist' cookie. This makes it possible for unauthenticated attackers to inject a PHP Object. No know...

CVE-2024-11465 Custom Product Tabs for WooCommerce <= 1.8.5 - Authenticated (Shop Manager+) PHP Object Injection

The Custom Product Tabs for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.8.5 via deserialization of untrusted input in the 'yikeswooproductstabs' post meta parameter. This makes it possible for authenticated attackers, with Shop...

CVE-2024-11465 Custom Product Tabs for WooCommerce <= 1.8.5 - Authenticated (Shop Manager+) PHP Object Injection

The Custom Product Tabs for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.8.5 via deserialization of untrusted input in the 'yikeswooproductstabs' post meta parameter. This makes it possible for authenticated attackers, with Shop...

CVE-2024-11465

CVE-2024-11465 affects the Custom Product Tabs for WooCommerce plugin for WordPress (