Weaknesses of type CWE-502
2,275 resultsCVE-2025-9571HIGHArbitrary Code Execution in Google Cloud Data Fusion via Malicious Artifact UploadEPSS 0.4%CVE-2026-22510HIGHWordPress Melody theme <= 1.6.3 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-39573HIGHWordPress Mildhill theme <= 1.5 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-22505HIGHWordPress Morning Records theme <= 1.2 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-26873CRITICALWordPress Traveler theme <= 3.1.8 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-40735HIGHWordPress Reina theme <= 2.1 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-39445HIGHWordPress Alukas theme < 3.0.0 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-48134HIGHWordPress WP Tabs plugin <= 2.2.12 - PHP Object Injection VulnerabilityEPSS 0.4%CVE-2025-62419HIGHDataEase vulnerable to JDBC URL injection in DB2 and MongoDB data source configurationEPSS 0.4%CVE-2024-13297MEDIUMEloqua - Moderately critical - Arbitrary PHP code execution - SA-CONTRIB-2024-063EPSS 0.4%CVE-2026-31224HIGHThe snorkel library thru v0.10.0 contains an insecure deserialization vulnerability (CWE-502) in the MultitaskClassifier.load() method of thEPSS 0.4%CVE-2025-54007HIGHWordPress Post Grid and Gutenberg Blocks Plugin <= 2.3.11 - PHP Object Injection VulnerabilityEPSS 0.4%CVE-2026-31223HIGHThe snorkel library thru v0.10.0 contains a critical insecure deserialization vulnerability (CWE-502) in the BaseLabeler.load() method of thEPSS 0.4%CVE-2024-13296MEDIUMMailjet - Moderately critical - Arbitrary PHP code execution - SA-CONTRIB-2024-062EPSS 0.4%CVE-2026-31222HIGHThe snorkel library thru v0.10.0 contains an insecure deserialization vulnerability (CWE-502) in the Trainer.load() method of the Trainer clEPSS 0.4%CVE-2024-13295MEDIUMNode export - Moderately critical - Arbitrary PHP code execution - SA-CONTRIB-2024-061EPSS 0.4%CVE-2026-23542CRITICALWordPress Grand Restaurant theme <= 7.0.10 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-56055HIGHWordPress RealHomes theme <= 4.5.3 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-56053HIGHWordPress EventPrime plugin <= 4.3.4.1 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-7216MEDIUMlty628 Aidigu PHP Object common.php checkUserCookie deserializationEPSS 0.4%