3718 matches found
CVE-2025-7697
The Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.1.1 via deserialization of untrusted input within the verifyfieldval function. This makes it possible for...
CVE-2025-7696
The Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.2.3 via deserialization of untrusted input within the verifyfieldval function. This makes it possible for...
CVE-2025-7696
CVE-2025-7696 : The WordPress plugin Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms is vulnerable to unauthenticated PHP Object Injection via the verify_field_val() function in all versions up to 1.2.3. Deserialization of untrusted input enables injection of a PHP o...
CVE-2025-7697
CVE-2025-7697: In the WordPress plugin Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms (
CVE-2025-7697 Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms <= 1.1.1 - Unauthenticated PHP Object Injection via verify_field_val Function
The Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.1.1 via deserialization of untrusted input within the verifyfieldval function. This makes it possible for...
CVE-2025-7696 Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms <= 1.2.3 - Unauthenticated PHP Object Injection via verify_field_val Function
The Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.2.3 via deserialization of untrusted input within the verifyfieldval function. This makes it possible for...
CVE-2025-7697 Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms <= 1.1.1 - Unauthenticated PHP Object Injection via verify_field_val Function
The Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.1.1 via deserialization of untrusted input within the verifyfieldval function. This makes it possible for...
CVE-2025-7696 Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms <= 1.2.3 - Unauthenticated PHP Object Injection via verify_field_val Function
The Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.2.3 via deserialization of untrusted input within the verifyfieldval function. This makes it possible for...
PT-2025-30114 · Unknown +1 · Contact Form 7 +1
Name of the Vulnerable Software and Affected Versions: Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms plugin for WordPress versions up to and including 1.2.3 Description: The Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms plugin for...
PT-2025-30115 · WordPress +1 · Integration For Google Sheets/Contact Form 7 +1
Name of the Vulnerable Software and Affected Versions: Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms plugin for WordPress versions up to and including 1.1.1 Description: The plugin is susceptible to PHP Object Injection due to deserialization of untrusted input...
WordPress JetFormBuilder plugin <= 3.5.1.2 - PHP Object Injection Vulnerability
PHP Object Injection Vulnerability discovered by Que Thanh Tuan Blue Rock in WordPress Plugin JetFormBuilder versions = 3.5.1.2...
CVE-2025-24777 WordPress Hillter theme <= 3.0.7 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in awethemes Hillter allows Object Injection. This issue affects Hillter: from n/a through 3.0.7...
CVE-2025-24777 WordPress Hillter theme <= 3.0.7 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in awethemes Hillter allows Object Injection. This issue affects Hillter: from n/a through 3.0.7...
CVE-2025-24779 WordPress Yogi theme <= 2.9.0 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in NooTheme Yogi allows Object Injection. This issue affects Yogi: from n/a through 2.9.0...
CVE-2025-24777
CVE-2025-24777 is a PHP Object Injection vulnerability in the WordPress Hillter theme (Hillter) caused by deserialization of untrusted data. Affected: Hillter versions
CVE-2025-28961 WordPress URL Shortener <= 3.0.7 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in Md Yeasin Ul Haider URL Shortener exact-links allows Object Injection.This issue affects URL Shortener: from n/a through = 3.0.7...
CVE-2025-28961
CVE-2025-28961 corresponds to a deserialization of untrusted data vulnerability in the WordPress URL Shortener plugin (Md Yeasin Ul Haider) 3.0.7 when available, as stated in the sources. The vulnerability is not described as rejected or reserved in the provided materials.
CVE-2025-30949 WordPress Site Chat on Telegram plugin <= 1.0.4 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in Guru Team Site Chat on Telegram site-chat-on-telegram allows Object Injection.This issue affects Site Chat on Telegram: from n/a through = 1.0.4...
CVE-2025-30949
CVE-2025-30949 is a PHP Object Injection deserialization vulnerability in the WordPress plugin Site Chat on Telegram (Guru Team Site Chat on Telegram). Affected versions are up to 1.0.4. The issue is triggered via deserializing untrusted data, enabling potential object injection. The CVE is corro...
CVE-2025-30973 WordPress CoSchool LMS plugin <= 1.4.3 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in Codexpert, Inc CoSchool LMS coschool allows Object Injection.This issue affects CoSchool LMS: from n/a through = 1.4.3...