93252 matches found
CVE-2026-40735 WordPress Reina theme <= 2.1 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in Reina = 2.1 versions...
CVE-2026-40735
Summary: CVE-2026-40735 concerns unauthenticated PHP Object Injection in WordPress Reina theme versions <= 2.1. The vulnerability is tied to the Reina plugin/theme codebase and is described as an unauthenticated PHP Object Injection, with CVSSv3.1 impact vector indicating high severity (8.1 ba...
CVE-2026-40725 WordPress WooCommerce Product Filters plugin < 2.0.6 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in WooCommerce Product Filters 2.0.6 versions...
CVE-2025-60205 WordPress ThemeREX Addons plugin <= 2.36.1.1 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in ThemeREX Addons = 2.36.1.1 versions...
CVE-2026-12115
The vulnerability CVE-2026-12115 affects the WordPress plugin Counter Box (versions up to 2.0.13). It allows PHP Object Injection via deserialization of untrusted input and requires authenticated access at Administrator+ level. Deserialization occurs automatically during the post-import redirect ...
CVE-2026-12115 Counter Box <= 2.0.13 - Authenticated (Administrator+) PHP Object Injection via Import
The Counter Box – Add Countdowns, Timers & Dynamic Counters to WordPress plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.0.13 via deserialization of untrusted input . This makes it possible for authenticated attackers, with administrator-level...
Cacti cmd_realtime.php - Command Injection
Cacti provides an operational monitoring and fault management framework. A command injection vulnerability on the 1.3.x DEV branch allows any unauthenticated user to execute arbitrary command on the server when registerargcargv option of PHP is On. In cmdrealtime.php line 119, the $pollerid used ...
PT-2026-50404
Name of the Vulnerable Software and Affected Versions ShiftUp versions 1.3 and earlier Description An unauthenticated PHP Object Injection issue exists in the software. PHP Object Injection occurs when user-supplied input is passed to the unserialize function without proper validation, potentiall...
PT-2026-50544
Name of the Vulnerable Software and Affected Versions PHP Standard Library PSL versions 6.1.0 through 6.1.1 PHP Standard Library PSL version 6.2.0 Description The PslH2ServerConnection function does not validate that the total bytes received in DATA frames match the content-length header declared...
PT-2026-50606
Name of the Vulnerable Software and Affected Versions Drupal core affected versions not specified Description An attacker with appropriate JSON:API write permissions could potentially inject a malicious payload in certain rare circumstances, leading to PHP Object Injection. PHP Object Injection...
CVE-2026-40761
WordPress Theme Valeska <= 1.2.2 is affected by an unauthenticated PHP Object Injection vulnerability. Affected component: Valeska theme (WordPress). Root cause: PHP object injection in versions
CVE-2026-40759
CVE-2026-40759 affects WordPress Esmée theme versions
CVE-2026-40760 WordPress Behold theme <= 1.5 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in Behold = 1.5 versions...
CVE-2026-40758 WordPress Léonie theme <= 1.2.1 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in Léonie = 1.2.1 versions...
CVE-2026-40755 WordPress TechLink theme <= 1.3 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in TechLink = 1.3 versions...
CVE-2026-40754
CVE-2026-40754 concerns the WordPress Roisin theme (versions <= 1.4) with unauthenticated PHP Object Injection. Public references describe an object-injection vulnerability in Roisin
CVE-2026-40754 WordPress Roisin theme <= 1.4 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in Roisin = 1.4 versions...
CVE-2026-40755
CVE-2026-40755 affects WordPress TechLink theme versions
CVE-2026-40751
CVE-2026-40751 affects WordPress Theme Ashtanga versions
CVE-2026-40736
WordPress Laurits theme