Weaknesses of type CWE-502
2,257 resultsCVE-2026-22451CRITICALWordPress Handyman theme <= 1.4.7 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-67995CRITICALWordPress PatioTime theme < 2.1 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2023-49297LOWUnsafe YAML deserialization in PyDrive2EPSS 0.5%CVE-2026-22497CRITICALWordPress Jardi theme <= 1.7.2 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-2855MEDIUMelunez eladmin upload checkFile deserializationEPSS 0.5%CVE-2026-24378CRITICALWordPress EventPrime plugin <= 4.2.8.0 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2026-22500CRITICALWordPress m2 | Construction and Tools Store theme <= 1.1.2 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-69872CRITICALDiskCache (python-diskcache) through 5.6.3 uses Python pickle for serialization by default. An attacker with write access to the cache direcEPSS 0.5%CVE-2026-22507CRITICALWordPress Beelove theme <= 1.2.6 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2026-42380CRITICALWordPress AI Lab theme < 5.4.2 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2026-22417CRITICALWordPress Grand Wedding theme < 3.1.11 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2024-32603HIGHWordPress WooBuddy plugin <= 3.4.20 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2026-22453CRITICALWordPress Pets Club theme <= 2.3 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-54001CRITICALWordPress Classter theme <= 2.5 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2026-22454CRITICALWordPress Solaris theme <= 2.5 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2026-22501CRITICALWordPress Mounthood theme <= 1.3.2 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2024-49227HIGHWordPress Free Stock Photos Foter plugin <= 1.5.4 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2024-49332CRITICALWordPress Giveaway Boost plugin <= 2.1.4 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2024-52410CRITICALWordPress Referrer Detector plugin <= 4.2.1.0 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2024-49218CRITICALWordPress Recently plugin <= 1.1 - PHP Object Injection vulnerabilityEPSS 0.5%