3726 matches found
CVE-2024-49626 WordPress Shipyaari Shipping Management plugin <= 1.2 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Piyush Patel Shipyaari Shipping Management shipyaari-shipping-managment allows Object Injection.This issue affects Shipyaari Shipping Management: from n/a through = 1.2...
CVE-2024-49626 WordPress Shipyaari Shipping Management plugin <= 1.2 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Piyush Patel Shipyaari Shipping Management shipyaari-shipping-managment allows Object Injection.This issue affects Shipyaari Shipping Management: from n/a through = 1.2...
WordPress Shipyaari Shipping Management plugin <= 1.2 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Shipyaari Shipping Management versions = 1.2...
WordPress SiteBuilder Dynamic Components plugin <= 1.0 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin SiteBuilder Dynamic Components versions = 1.0...
WordPress WP Easy Post Types plugin <= 1.4.4 - Authenticated (Subscriber+) PHP Object Injection vulnerability
Authenticated Subscriber+ PHP Object Injection vulnerability discovered by István Márton in WordPress Plugin Easy Post Types versions = 1.4.4...
CVE-2024-10079
The WP Easy Post Types plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.4.4 via deserialization of untrusted input from the 'text' parameter in the 'ajaximportcontent' function. This allows authenticated attackers, with subscriber-level permissions an...
CVE-2024-10079
The WP Easy Post Types plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.4.4 via deserialization of untrusted input from the 'text' parameter in the 'ajaximportcontent' function. This allows authenticated attackers, with subscriber-level permissions an...
CVE-2024-10079
CVE-2024-10079 refers to WP Easy Post Types for WordPress (
CVE-2024-10079 WP Easy Post Types <= 1.4.4 - Authenticated (Subscriber+) PHP Object Injection
The WP Easy Post Types plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.4.4 via deserialization of untrusted input from the 'text' parameter in the 'ajaximportcontent' function. This allows authenticated attackers, with subscriber-level permissions an...
WordPress Easy Post Types Plugin <= 1.4.4 is vulnerable to PHP Object Injection
Software Easy Post Types Type Plugin Vulnerable versions = 1.4.4 Fixed in N/A OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-10079 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID da4c9b968b4a Credits István Márton Required privilege Subscribe...
WordPress Shipyaari Shipping Management Plugin <= 1.2 is vulnerable to PHP Object Injection
Software Shipyaari Shipping Management Type Plugin Vulnerable versions = 1.2 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-49626 Patch priority Medium CVSS severity Medium 9.8 Developer Claim ownership PSID 33313dc069f7 Credits Mika Required privilege...
WordPress SiteBuilder Dynamic Components Plugin <= 1.0 is vulnerable to PHP Object Injection
Software SiteBuilder Dynamic Components Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-49625 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 7e4e11ce38e6 Credits Mika Required privilege...
WordPress Advanced Advertising System Plugin <= 1.3.1 is vulnerable to PHP Object Injection
Software Advanced Advertising System Type Plugin Vulnerable versions = 1.3.1 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-49624 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 02d433e2c1ec Credits Mika Required privilege...
CVE-2024-49318 WordPress My Reading Library plugin <= 1.0 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Scott My Reading Library my-reading-library allows Object Injection.This issue affects My Reading Library: from n/a through = 1.0...
WordPress Giveaway Boost Plugin <= 2.1.4 is vulnerable to PHP Object Injection
Software Giveaway Boost Type Plugin Vulnerable versions = 2.1.4 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-49332 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID dc16e9530c12 Credits Mika Required privilege Unauthenticated...
CVE-2024-48026 WordPress Disc Golf Manager plugin <= 1.0.0 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in GMRobbins Disc Golf Manager disc-golf-manager allows Object Injection.This issue affects Disc Golf Manager: from n/a through = 1.0.0...
CVE-2024-48028 WordPress IP Loc8 plugin <= 1.1 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Boyan Raichev IP Loc8 ip-loc8 allows Object Injection.This issue affects IP Loc8: from n/a through = 1.1...
CVE-2024-48028 WordPress IP Loc8 plugin <= 1.1 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Boyan Raichev IP Loc8 ip-loc8 allows Object Injection.This issue affects IP Loc8: from n/a through = 1.1...
CVE-2024-48030 WordPress Telecash Ricaricaweb plugin <= 2.2 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Webextends Telecash Ricaricaweb telecash-ricaricaweb allows Object Injection.This issue affects Telecash Ricaricaweb: from n/a through = 2.2...
CVE-2024-48030 WordPress Telecash Ricaricaweb plugin <= 2.2 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Gabriele Valenti Telecash Ricaricaweb allows Object Injection.This issue affects Telecash Ricaricaweb: from n/a through 2.2...