CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

93252 matches found

NVD•added 2026/06/15 9:16 p.m.•4 views

CVE-2026-39532

Contributor PHP Object Injection in Events Calendar for GeoDirectory = 2.3.25 versions...

8.8CVSS0.00344EPSS

Exploits0References1

NVD•added 2026/06/15 9:16 p.m.•4 views

CVE-2026-39478

Contributor PHP Object Injection in Anti-Malware Security and Brute-Force Firewall = 4.23.87 versions...

8.8CVSS0.00428EPSS

Exploits0References1

NVD•added 2026/06/15 9:16 p.m.•5 views

CVE-2026-39471

Author PHP Object Injection in ShortPixel Image Optimizer = 6.4.3 versions...

7.2CVSS0.00446EPSS

Exploits0References1

NVD•added 2026/06/15 9:16 p.m.•5 views

CVE-2026-39472

Shop manager PHP Object Injection in WooCommerce PDF Invoices & Packing Slips 5.9.0 versions...

7.2CVSS0.00446EPSS

Exploits0References1

NVD•added 2026/06/15 9:16 p.m.•5 views

CVE-2026-39434

Shop manager PHP Object Injection in CTX Feed = 6.6.26 versions...

7.2CVSS0.00446EPSS

Exploits0References1

NVD•added 2026/06/15 9:16 p.m.•6 views

CVE-2026-27053

Unauthenticated PHP Object Injection in Broadcast Live Video 7.1.3 versions...

9.8CVSS0.00386EPSS

Exploits0References1

Cvelist•added 2026/06/15 8:19 p.m.•27 views

CVE-2026-49781 WordPress OttoKit plugin <= 1.1.27 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in OttoKit = 1.1.27 versions...

9.8CVSS0.00383EPSS

Exploits0References1

CVE•added 2026/06/15 8:19 p.m.•17 views

CVE-2026-49781

The CVE-2026-49781 entry describes an unauthenticated PHP Object Injection in the WordPress OttoKit plugin, affected versions

9.8CVSS5.3AI score0.00383EPSS

Exploits0References1

Cvelist•added 2026/06/15 8:19 p.m.•27 views

CVE-2026-49770 WordPress WP Travel Engine plugin <= 6.7.12 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in WP Travel Engine = 6.7.12 versions...

9.8CVSS0.00383EPSS

Exploits0References1

EUVD•added 2026/06/15 8:19 p.m.•8 views

EUVD-2026-36893

Unauthenticated PHP Object Injection in WP Travel Engine = 6.7.12 versions...

9.8CVSS5.3AI score0.00383EPSS

Exploits0References1

Vulnrichment•added 2026/06/15 8:19 p.m.•6 views

CVE-2026-49770 WordPress WP Travel Engine plugin <= 6.7.12 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in WP Travel Engine = 6.7.12 versions...

9.8CVSS5.3AI score0.00383EPSS

Exploits0References1

Cvelist•added 2026/06/15 8:19 p.m.•25 views

CVE-2026-49769 WordPress wpForo Forum plugin <= 3.1.0 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in wpForo Forum = 3.1.0 versions...

9.8CVSS0.00383EPSS

Exploits0References1

EUVD•added 2026/06/15 8:19 p.m.•9 views

EUVD-2026-36892

Unauthenticated PHP Object Injection in wpForo Forum = 3.1.0 versions...

9.8CVSS5.3AI score0.00383EPSS

Exploits0References1

EUVD•added 2026/06/15 8:19 p.m.•9 views

EUVD-2026-36891

Unauthenticated PHP Object Injection in Happyforms = 1.26.13 versions...

9.8CVSS5.3AI score0.00383EPSS

Exploits0References1

CVE•added 2026/06/15 8:19 p.m.•15 views

CVE-2026-49768

CVE-2026-49768 affects the WordPress plugin Happyforms (versions ≤ 1.26.13). The vulnerability is an unauthenticated PHP Object Injection in Happyforms, caused by an unsafe object deserialization path. Impact is described as high for confidentiality, integrity, and availability, with a CVSS 3.1 b...

9.8CVSS5.3AI score0.00383EPSS

Exploits0References1

CVE•added 2026/06/15 8:19 p.m.•19 views

CVE-2026-49765

The CVE-2026-49765 entry concerns the WordPress Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms plugin (versions <= 1.1.8). The connected sources confirm unauthenticated PHP Object Injection as the vulnerability, with a CVSS 3.1 base score of 9.8 (CRITICAL) and im...

9.8CVSS5.3AI score0.00383EPSS

Exploits0References1

Cvelist•added 2026/06/15 8:19 p.m.•26 views

CVE-2026-49763 WordPress Integration for Contact Form 7 HubSpot plugin <= 1.3.7 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Integration for Contact Form 7 HubSpot = 1.3.7 versions...

9.8CVSS0.00383EPSS

Exploits0References1

CVE•added 2026/06/15 8:19 p.m.•15 views

CVE-2026-49763

CVE-2026-49763 concerns the WordPress plugin “WordPress Integration for Contact Form 7 HubSpot” (versions

9.8CVSS5.3AI score0.00383EPSS

Exploits0References1

Cvelist•added 2026/06/15 8:19 p.m.•25 views

CVE-2026-49109 WordPress Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms plugin <= 1.4.3 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms = 1.4.3 versions...

9.8CVSS0.00383EPSS

Exploits0References1

CVE•added 2026/06/15 8:19 p.m.•15 views

CVE-2026-49109

CVE-2026-49109 concerns the WordPress plugin set “Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms” (versions

9.8CVSS5.3AI score0.00383EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by