WordPress The Barber Shop theme <= 1.9 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme The Barber Shop versions = 1.9...

WordPress Single Property theme <= 2.8 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Single Property versions = 2.8...

WordPress Knowledge Base theme <= 2.9 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Knowledge Base versions = 2.9...

WordPress LTL Freight Quotes - TQL Edition Plugin <= 1.2.6 - PHP Object Injection Vulnerability

WordPress LTL Freight Quotes - TQL Edition Plugin = 1.2.6 - PHP Object Injection Vulnerability discovered by mcdruid in WordPress Plugin LTL Freight Quotes - TQL Edition versions = 1.2.6...

WordPress LTL Freight Quotes – Daylight Edition Plugin <= 2.2.7 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by mcdruid in WordPress Plugin LTL Freight Quotes – Daylight Edition versions = 2.2.7...

WordPress LTL Freight Quotes – Day & Ross Edition Plugin <= 2.1.11 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by mcdruid in WordPress Plugin LTL Freight Quotes – Day & Ross Edition versions = 2.1.11...

CVE-2025-58644

CVE-2025-58644 describes a PHP Object Injection in the WordPress plugin LTL Freight Quotes – TQL Edition (

CVE-2025-58642 WordPress LTL Freight Quotes – Day & Ross Edition Plugin <= 2.1.11 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in enituretechnology LTL Freight Quotes – Day & Ross Edition ltl-freight-quotes-day-ross-edition allows Object Injection.This issue affects LTL Freight Quotes – Day & Ross Edition: from n/a through = 2.1.11...

WordPress Quiz And Survey Master Plugin <= 10.2.5 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Quiz And Survey Master versions = 10.2.5...

WordPress plugin Fluent Forms 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...

CVE-2025-9260 Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder 5.1.16 - 6.1.1 - Authenticated (Subscriber+) PHP Object Injection To Arbitrary File Read

The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to PHP Object Injection in versions 5.1.16 to 6.1.1 via deserialization of untrusted input in the parseUserProperties function. This makes it possible for authenticated...

WordPress FluentForm plugin 5.1.16-6.1.1 - Authenticated (Subscriber+) PHP Object Injection To Arbitrary File Read

Authenticated Subscriber+ PHP Object Injection To Arbitrary File Read vulnerability discovered by Webbernaut in WordPress Plugin FluentForm versions 5.1.16-6.1.1...

WordPress Client Invoicing by Sprout Invoices plugin <= 20.8.7 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by mcdruid in WordPress Plugin Client Invoicing by Sprout Invoices versions = 20.8.7...

PT-2025-35641

Name of the Vulnerable Software and Affected Versions: Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress versions 5.1.16 through 6.1.1 Description: The plugin is susceptible to PHP Object Injection due to deserialization of untrusted input...

CVE-2025-43960

Adminer 4.8.1, when using Monolog for logging, allows a Denial of Service memory consumption via a crafted serialized payload e.g., using s:1000000000, leading to a PHP Object Injection issue. Remote, unauthenticated attackers can trigger this by sending a malicious serialized object, which force...

CVE-2025-54731 WordPress YouTube Showcase Plugin <= 3.5.1 - PHP Object Injection Vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in emarket-design YouTube Showcase youtube-showcase allows Object Injection.This issue affects YouTube Showcase: from n/a through = 3.5.1...

CVE-2025-53584

CVE-2025-53584 affects the WordPress plugin WP Ticket Customer Service Software & Support Ticket System (versions up to 6.0.2). The issue is a PHP Object Injection caused by deserialization of untrusted data. CVSS v3.1 base score 8.1 (High) with network attack vector and no user interaction. Word...

CVE-2025-53583 WordPress Employee Spotlight Plugin <= 5.1.1 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in emarket-design Employee Spotlight employee-spotlight allows Object Injection.This issue affects Employee Spotlight: from n/a through = 5.1.1...

CVE-2025-53584 WordPress WP Ticket Customer Service Software & Support Ticket System Plugin <= 6.0.2 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in emarket-design WP Ticket Customer Service Software & Support Ticket System allows Object Injection. This issue affects WP Ticket Customer Service Software & Support Ticket System: from n/a through 6.0.2...

CVE-2025-53243 WordPress Employee Directory – Staff Listing & Team Directory Plugin for WordPress Plugin <= 4.5.3 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in emarket-design Employee Directory – Staff Listing & Team Directory Plugin for WordPress allows Object Injection. This issue affects Employee Directory – Staff Listing & Team Directory Plugin for WordPress: from n/a through 4.5.3...