3569 matches found
CVE-2026-39467 WordPress Responsive Slider by MetaSlider plugin <= 3.106.0 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider allows Object Injection.This issue affects Responsive Slider by MetaSlider: from n/a through 3.106.0...
WordPress Advanced Product Fields (Product Addons) for WooCommerce plugin <= 1.6.19 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by daroo in WordPress Plugin Advanced Product Fields Product Addons for WooCommerce versions = 1.6.19...
WordPress Responsive Slider by MetaSlider plugin <= 3.106.0 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by daroo in WordPress Plugin Responsive Slider by MetaSlider versions = 3.106.0...
WordPress ShortPixel Image Optimizer plugin <= 6.4.3 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by daroo in WordPress Plugin ShortPixel Image Optimizer versions = 6.4.3...
WordPress Anti-Malware Security and Brute-Force Firewall plugin <= 4.23.87 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by daroo in WordPress Plugin Anti-Malware Security and Brute-Force Firewall versions = 4.23.87...
WordPress Valeska theme <= 1.2.2 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Valeska versions = 1.2.2...
WordPress Behold theme <= 1.5 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Behold versions = 1.5...
WordPress Esmée theme <= 1.4 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Esmée versions = 1.4...
WordPress Château theme <= 1.2.1 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Château versions = 1.2.1...
WordPress TechLink theme <= 1.3 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme TechLink versions = 1.3...
WordPress Zoya theme <= 1.4 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Zoya versions = 1.4...
WordPress Roisin theme <= 1.4 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Roisin versions = 1.4...
WordPress Elementra theme <= 1.0.9 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Bonds in WordPress Theme Elementra versions = 1.0.9...
WordPress Eldon theme <= 1.4.1 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Eldon versions = 1.4.1...
WordPress Reina theme <= 2.1 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Reina versions = 2.1...
WordPress ShiftUp theme <= 1.3 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme ShiftUp versions = 1.3...
WordPress WooCommerce Product Filters plugin < 2.0.6 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Phat RiO in WordPress Plugin WooCommerce Product Filters versions 2.0.6...
Exploit for Deserialization of Untrusted Data in Roundcube Webmail
CVE-2025-49113 — Roundcube Post-Auth RCE via PHP Object Deseri...
CVE-2026-3017 Smart Post Show – Post Grid, Post Carousel & Slider, and List Category Posts <= 3.0.12 - Authenticated (Administrator+) PHP Object Injection
The Smart Post Show – Post Grid, Post Carousel & Slider, and List Category Posts plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.0.12 via deserialization of untrusted input in the importshortcodes function. This makes it possible for authenticate...
CVE-2026-3017
The Smart Post Show – Post Grid, Post Carousel & Slider, and List Category Posts plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.0.12 via deserialization of untrusted input in the importshortcodes function. This makes it possible for authenticate...