3718 matches found
WordPress Small Package Quotes – USPS Edition Plugin <= 1.3.9 - PHP Object Injection Vulnerability
PHP Object Injection Vulnerability discovered by Drew / mcdruid in WordPress Plugin Small Package Quotes – USPS Edition versions <= 1.3.9...
WordPress ThemeREX Addons plugin <= 2.36.1.1 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Bonds in WordPress Plugin ThemeREX Addons versions <= 2.36.1.1...
SUSE CVE-2025-43960
Adminer 4.8.1, when using Monolog for logging, allows a Denial of Service memory consumption via a crafted serialized payload e.g., using s:1000000000, leading to a PHP Object Injection issue. Remote, unauthenticated attackers can trigger this by sending a malicious serialized object, which force...
WordPress Cars4Rent Theme <= 1.4.2 - PHP Object Injection Vulnerability
PHP Object Injection Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Cars4Rent versions <= 1.4.2...
WordPress Rozario Theme <= 1.4 - PHP Object Injection Vulnerability
PHP Object Injection Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Rozario versions <= 1.4...
WordPress Cars4Rent Theme <= 1.4.2 is vulnerable to PHP Object Injection
Software: Cars4Rent; Type: Theme; Vulnerable versions: <= 1.4.2; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: PHP Object Injection; CVE: CVE-2025-49434; Patch priority: High; CVSS severity: High 9.8; PSID: 74545c19b3cf; Credits: Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity...
WordPress The Restaurant Theme <= 1.4.1 is vulnerable to PHP Object Injection
Software: The Restaurant; Type: Theme; Vulnerable versions: <= 1.4.1; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: PHP Object Injection; CVE: CVE-2025-31927; Patch priority: High; CVSS severity: High 9.8; PSID: b3568a9880cd; Credits: Tran Nguyen Bao Khanh VCI - VNPT Cyber...
WordPress Rozario Theme <= 1.4 is vulnerable to PHP Object Injection
Software: Rozario; Type: Theme; Vulnerable versions: <= 1.4; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: PHP Object Injection; CVE: CVE-2025-31927; Patch priority: High; CVSS severity: High 9.8; PSID: 49288bc6ac10; Credits: Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity...
CVE-2025-43960
Adminer 4.8.1, when using Monolog for logging, allows a Denial of Service memory consumption via a crafted serialized payload e.g., using s:1000000000, leading to a PHP Object Injection issue. Remote, unauthenticated attackers can trigger this by sending a malicious serialized object, which force...
WordPress WP Easy Contact Plugin <= 4.0.1 - PHP Object Injection Vulnerability
PHP Object Injection Vulnerability discovered by astra.r3verii in WordPress Plugin WP Easy Contact versions <= 4.0.1...
WordPress WP Ticket Customer Service Software & Support Ticket System Plugin <= 6.0.2 - PHP Object Injection Vulnerability
PHP Object Injection Vulnerability discovered by astra.r3verii in WordPress Plugin WP Ticket Customer Service Software & Support Ticket System versions <= 6.0.2...
WordPress Employee Spotlight Plugin <= 5.1.1 - PHP Object Injection Vulnerability
PHP Object Injection Vulnerability discovered by astra.r3verii in WordPress Plugin Employee Spotlight versions <= 5.1.1...
WordPress YouTube Showcase Plugin <= 3.5.1 - PHP Object Injection Vulnerability
PHP Object Injection Vulnerability discovered by astra.r3verii in WordPress Plugin YouTube Showcase versions <= 3.5.1...
Adminer Security Vulnerability
Adminer is an open source WordPress plugin for Adminer. It allows WordPress administrators to quickly perform database management. A security vulnerability exists in Adminer version 4.8.1, which stems from improper handling of specially serialized payloads when logging with Monolog, and could lea...
PT-2025-34607 · Adminer · Adminer
Name of the Vulnerable Software and Affected Versions: Adminer version 4.8.1 Description: Adminer 4.8.1, when using Monolog for logging, is susceptible to a Denial of Service memory consumption through a crafted serialized payload, resulting in a PHP Object Injection issue. Remote, unauthenticate...
Linux Distros Unpatched Vulnerability : CVE-2016-3154
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The encodercontexteajax function in ecrire/inc/filtres.php in SPIP 2.x before 2.1.19, 3.0.x before 3.0.22, and 3.1.x before 3.1.1 allows remote attackers to...
WordPress PDF for Gravity Forms + Drag And Drop Template Builder plugin <= 6.5.0 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin PDF for Gravity Forms + Drag And Drop Template Builder versions <= 6.5.0...