Weaknesses of type CWE-502
2,257 resultsCVE-2025-6464HIGHForminator Forms – Contact Form, Payment Form & Custom Form Builder <= 1.44.2 - Unauthenticated PHP Object Injection (PHAR) Triggered via Administrator Form Submission DeletionEPSS 0.5%CVE-2025-69294HIGHWordPress PeakShops theme <= 1.5.9 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2026-22354HIGHWordPress Woocommerce Category Banner Management plugin <= 2.5.1 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2026-47065CRITICALApache MINA: Critical Deserialization Allow-list Bypass via resolveProxyClass - ZDRES-232EPSS 0.5%CVE-2025-68047HIGHWordPress Eventin plugin <= 4.1.3 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-68526HIGHWordPress Modal Popup Box plugin <= 1.6.1 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-46481HIGHWordPress Flickr Shortcode Importer plugin <= 2.2.3 - PHP Object Injection VulnerabilityEPSS 0.5%CVE-2025-53990HIGHWordPress JetFormBuilder plugin <= 3.5.1.2 - PHP Object Injection VulnerabilityEPSS 0.5%CVE-2025-47629HIGHWordPress WP-CRM System plugin <= 3.4.5 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-46473HIGHWordPress Social Counter plugin <= 2.0.5 - PHP Object Injection VulnerabilityEPSS 0.5%CVE-2025-71341HIGHpicklescan - Remote Code Execution via Undetected profile.Profile.runctxEPSS 0.5%CVE-2026-3357HIGHIBM Langflow Desktop FAISS Vector Store Remote Code Execution via malicious Pickle fileEPSS 0.5%CVE-2024-31277HIGHWordPress Product Designer plugin <= 1.0.32 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2026-52706CRITICALWordPress JetEngine plugin <= 3.8.10 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2024-24842HIGHWordPress Knowledge Base for Documentation, FAQs with AI Assistance plugin <= 11.30.2 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2024-30221MEDIUMWordPress Sunshine Photo Cart plugin <= 3.1.1 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-6742HIGHSureForms – Drag and Drop Form Builder for WordPress <= 1.7.3 - Unauthenticated PHP Object Injection (PHAR) Triggered via Admin Submission DeletionEPSS 0.5%CVE-2025-6279MEDIUMUpsonic Pickle add_tool cloudpickle.loads deserializationEPSS 0.5%CVE-2025-53299CRITICALWordPress ThemeMakers Visual Content Composer Plugin <= 1.5.8 - PHP Object Injection VulnerabilityEPSS 0.5%CVE-2025-2376MEDIUMviames Pair Framework PHP Object UserRemember.php getCookieContent deserializationEPSS 0.5%