
3585 matches found

Patchstack
added 2025/08/25 11:0 a.m. · 3 views

WordPress YouTube Showcase Plugin <= 3.5.1 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by astra.r3verii in WordPress Plugin YouTube Showcase versions <= 3.5.1...

8.1 CVSS · 7 AI score · 0.00072 EPSS
Exploits 0 · Affected Software 1
Positive Technologies
added 2025/08/25 12:0 a.m. · 4 views

PT-2025-34607 · Adminer · Adminer

Name of the Vulnerable Software and Affected Versions: Adminer version 4.8.1 Description: Adminer 4.8.1, when using Monolog for logging, is susceptible to a Denial of Service memory consumption through a crafted serialized payload, resulting in a PHP Object Injection issue. Remote, unauthenticate...

8.6 CVSS · 6.6 AI score · 0.00508 EPSS
Exploits 2 · References 9
Cvelist
added 2025/08/25 12:0 a.m. · 7 views

CVE-2025-43960

Adminer 4.8.1, when using Monolog for logging, allows a Denial of Service memory consumption via a crafted serialized payload e.g., using s:1000000000, leading to a PHP Object Injection issue. Remote, unauthenticated attackers can trigger this by sending a malicious serialized object, which force...

0.00508 EPSS
Exploits 2 · References 4
Vulnrichment
added 2025/08/25 12:0 a.m. · 2 views

CVE-2025-43960

Adminer 4.8.1, when using Monolog for logging, allows a Denial of Service memory consumption via a crafted serialized payload e.g., using s:1000000000, leading to a PHP Object Injection issue. Remote, unauthenticated attackers can trigger this by sending a malicious serialized object, which force...

7.6 AI score · 0.00508 EPSS
Exploits 2 · References 4
CNNVD
added 2025/08/25 12:0 a.m. · 3 views

Adminer Security Vulnerability

Adminer is an open source WordPress plugin for Adminer. It allows WordPress administrators to quickly perform database management. A security vulnerability exists in Adminer version 4.8.1, which stems from improper handling of specially serialized payloads when logging with Monolog, and could lea...

8.6 CVSS · 6.6 AI score · 0.00508 EPSS
Exploits 2 · References 6
Tenable Nessus
added 2025/08/25 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2016-3154

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The encoder_contexte_ajax function in ecrire/inc/filtres.php in SPIP 2.x before 2.1.19, 3.0.x before 3.0.22, and 3.1.x before 3.1.1 allows remote attackers to...

9.8 CVSS · 8.6 AI score · 0.01459 EPSS
Exploits 0 · References 2
Patchstack
added 2025/08/23 2:47 p.m. · 3 views

WordPress PDF for Gravity Forms + Drag And Drop Template Builder plugin <= 6.5.0 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin PDF for Gravity Forms + Drag And Drop Template Builder versions <= 6.5.0...

7.5 CVSS · 7.3 AI score · 0.00066 EPSS
Exploits 0 · Affected Software 1
Patchstack
added 2025/08/21 11:34 a.m. · 8 views

WordPress PressApps Knowledge Base Contextual Sidebar Addon Plugin <= 4.2.1 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin PressApps Knowledge Base Contextual Sidebar Addon versions <= 4.2.1...

6.5 CVSS · 6.9 AI score · 0.00103 EPSS
Exploits 0 · Affected Software 1
Patchstack
added 2025/08/20 1:29 p.m. · 3 views

WordPress WP Funnel Manager Plugin <= 1.4.0 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by Drew / mcdruid in WordPress Plugin WP Funnel Manager versions <= 1.4.0...

9.8 CVSS · 7 AI score · 0.00138 EPSS
Exploits 0 · Affected Software 1
Vulnrichment
added 2025/08/20 8:3 a.m. · 2 views

CVE-2025-54014 WordPress MediCenter - Health Medical Clinic <= 15.1 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in QuanticaLabs MediCenter - Health Medical Clinic allows Object Injection. This issue affects MediCenter - Health Medical Clinic: from n/a through 15.1...

9.8 CVSS · 7.1 AI score · 0.00151 EPSS
Exploits 0 · References 1
Cvelist
added 2025/08/20 8:3 a.m. · 7 views

CVE-2025-54014 WordPress MediCenter - Health Medical Clinic <= 15.1 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in QuanticaLabs MediCenter - Health Medical Clinic medicenter allows Object Injection. This issue affects MediCenter - Health Medical Clinic: from n/a through <= 15.1...

9.8 CVSS · 0.00151 EPSS
Exploits 0 · References 1
NVD
added 2025/08/20 3:15 a.m. · 6 views

CVE-2025-8145

The Redirection for Contact Form 7 plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.2.4 via deserialization of untrusted input in the get_lead_fields function. This makes it possible for unauthenticated attackers to inject a PHP Object. The addition...

8.8 CVSS · 0.02062 EPSS
Exploits 0 · References 2
CVE
added 2025/08/20 1:44 a.m. · 27 views

CVE-2025-8289

CVE-2025-8289 affects the WordPress plugin Redirection for Contact Form 7, vulnerable to unauthenticated PHP Object Injection via PHAR deserialization in delete_associated_files, for versions up to 3.2.4. Exploitation requires a form with a file upload action and the extension “Redirection For Co...

7.5 CVSS · 7.2 AI score · 0.01211 EPSS
Exploits 0 · References 2
CVE
added 2025/08/20 1:44 a.m. · 44 views

CVE-2025-8145

CVE-2025-8145 affects the WordPress plugin Redirection for Contact Form 7 (versions up to and including 3.2.4). The vulnerability arises from deserialization of untrusted input in the get_lead_fields function, enabling unauthenticated PHP object injection. The presence of a POP chain in the plugi...

8.8 CVSS · 7.6 AI score · 0.02062 EPSS
Exploits 0 · References 2
Positive Technologies
added 2025/08/20 12:0 a.m. · 3 views

PT-2025-33894

Name of the Vulnerable Software and Affected Versions: Redirection for Contact Form 7 plugin for WordPress versions up to and including 3.2.4 Description: The Redirection for Contact Form 7 plugin for WordPress is vulnerable to PHP Object Injection via deserialization of untrusted input in the ge...

8.8 CVSS · 7.1 AI score · 0.02062 EPSS
Exploits 0 · References 7
CNNVD
added 2025/08/20 12:0 a.m. · 1 views

WordPress plugin Redirection for Contact Form Code Issue Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

8.8 CVSS · 6.8 AI score · 0.02062 EPSS
Exploits 0 · References 3
Positive Technologies
added 2025/08/20 12:0 a.m. · 3 views

PT-2025-33895 · WordPress +1 · Redirection For Contact Form 7 +2

Name of the Vulnerable Software and Affected Versions: Redirection for Contact Form 7 plugin for WordPress versions prior to 3.2.5 Description: The Redirection for Contact Form 7 plugin for WordPress is susceptible to PHP Object Injection due to deserialization of untrusted input within the delet...

7.5 CVSS · 7.1 AI score · 0.01211 EPSS
Exploits 0 · References 5
Patchstack
added 2025/08/19 11:36 p.m. · 5 views

WordPress Redirection for Contact Form 7 plugin <= 3.2.4 - Unauthenticated PHP Object Injection via PHAR Deserialization vulnerability

Unauthenticated PHP Object Injection via PHAR Deserialization vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Redirection for Contact Form 7 versions <= 3.2.4...

7.5 CVSS · 7.2 AI score · 0.01211 EPSS
Exploits 0 · References 1 · Affected Software 1
Patchstack
added 2025/08/19 11:35 p.m. · 4 views

WordPress Redirection for Contact Form 7 plugin <= 3.2.4 - Unauthenticated PHP Object Injection vulnerability

Unauthenticated PHP Object Injection vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Redirection for Contact Form 7 versions <= 3.2.4...

8.8 CVSS · 7.1 AI score · 0.02062 EPSS
Exploits 0 · References 1 · Affected Software 1
Patchstack
added 2025/08/19 11:14 a.m. · 4 views

WordPress ThemeMakers Visual Content Composer Plugin <= 1.5.8 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by Bonds in WordPress Plugin ThemeMakers Visual Content Composer versions <= 1.5.8...

9.8 CVSS · 7 AI score · 0.00151 EPSS
Exploits 0 · Affected Software 1