7286 matches found
CVE-2026-59521
Deserialization of Untrusted Data vulnerability in ShapedPlugin LLC Real Testimonials testimonial-free allows Object Injection.This issue affects Real Testimonials: from n/a through = 3.1.15...
CVE-2026-59518
Deserialization of Untrusted Data vulnerability in wpWax Directorist directorist allows Object Injection.This issue affects Directorist: from n/a through = 8.8.2...
CVE-2026-57770
Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Photography grandphotography allows Object Injection.This issue affects Grand Photography: from n/a through = 5.7.8...
CVE-2026-57738
Deserialization of Untrusted Data vulnerability in axiomthemes 777 triple-seven allows Object Injection.This issue affects 777: from n/a through = 1.13.0...
CVE-2026-57744
Deserialization of Untrusted Data vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Object Injection.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...
CVE-2026-57724
Deserialization of Untrusted Data vulnerability in Themeum Kirki kirki allows Object Injection.This issue affects Kirki: from n/a through = 6.0.12...
CVE-2026-57713
Deserialization of Untrusted Data vulnerability in Marcus aka @msykes Events Manager events-manager allows Object Injection.This issue affects Events Manager: from n/a through = 7.3.6...
CVE-2026-57371
Deserialization of Untrusted Data vulnerability in denishua WPJAM Basic wpjam-basic allows Object Injection.This issue affects WPJAM Basic: from n/a through = 7.0...
CVE-2026-57770
The CVE-2026-57770 entry concerns Deserialization of Untrusted Data in the WordPress Theme Grand Photography plugin/theme. Affected: Grand Photography versions up to 5.7.8. Root cause: PHP object injection arising from untrusted data deserialization. Impact: high confidentiality, integrity, and a...
CVE-2026-59521
The CVE-2026-59521 issue affects the WordPress Real Testimonials plugin (testimonial-free) by Deserialization of Untrusted Data, enabling PHP object injection in versions
CVE-2026-57770 WordPress Grand Photography theme <= 5.7.8 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Photography grandphotography allows Object Injection.This issue affects Grand Photography: from n/a through = 5.7.8...
CVE-2026-59521 WordPress Real Testimonials plugin <= 3.1.15 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in ShapedPlugin LLC Real Testimonials testimonial-free allows Object Injection.This issue affects Real Testimonials: from n/a through = 3.1.15...
CVE-2026-57724 WordPress Kirki plugin <= 6.0.12 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Themeum Kirki kirki allows Object Injection.This issue affects Kirki: from n/a through = 6.0.12...
CVE-2026-57724
CVE-2026-57724 affects the WordPress Kirki plugin (Kirki <= 6.0.12). The root cause is a deserialization of untrusted data leading to PHP Object Injection . According to the sources, this vulnerability can be exploited remotely (network attack vector) with no user interaction and can impact co...
CVE-2026-57713
CVE-2026-57713 : The WordPress Plugins Events Manager (events-manager ) is affected up to version 7.3.6. The issue is a PHP Object Injection caused by deserialization of untrusted data, enabling object injection. The affected component is the Events Manager plugin for WordPress; root cause is des...
CVE-2026-57371 WordPress WPJAM Basic plugin <= 7.0 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in denishua WPJAM Basic wpjam-basic allows Object Injection.This issue affects WPJAM Basic: from n/a through = 7.0...
Veeam Backup & Replication - Unauthenticated
A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution RCE. id: CVE-2024-40711 info: name: Veeam Backup & Replication - Unauthenticated author: rootxharsh,iamnoooob,DhiyaneshDK severity: critical description: | A deserializati...
Adobe ColdFusion - Pre-Auth Remote Code Execution
Adobe ColdFusion versions 2018u16 and earlier, 2021u6 and earlier and 2023.0.0.330468 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction. id: CVE-2023-29300 info:...
CVE-2026-58281
Deserialization of untrusted data in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...
EUVD-2026-43191
Deserialization of untrusted data in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...