Weaknesses of type CWE-502

2,276 results
CVE-2026-27437CRITICALWordPress Tennis Club theme <= 1.2.3 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-69370CRITICALWordPress Capella theme <= 2.5.5 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-40725CRITICALWordPress WooCommerce Product Filters plugin < 2.0.6 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-27417CRITICALWordPress Sweet Date theme < 4.0.1 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-27438CRITICALWordPress Kingler theme <= 1.7 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-32512CRITICALWordPress Pelicula theme < 1.10 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-69404CRITICALWordPress Extreme Store theme <= 1.5.10 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-27083CRITICALWordPress Work & Travel Company theme <= 1.2 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-52724CRITICALWordPress Amwerk theme <= 1.2.0 - PHP Object Injection VulnerabilityEPSS 0.4%CVE-2025-49417CRITICALWordPress WooCommerce Product Multi-Action plugin <= 1.3 - Deserialization of untrusted data VulnerabilityEPSS 0.4%CVE-2025-49438HIGHWordPress Simple Login Log plugin <= 1.1.3 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2024-39780HIGHUse of unsafe yaml load in dynparamEPSS 0.4%CVE-2024-32817MEDIUMWordPress Import and export users and customers plugin <= 1.26.2 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-66073HIGHWordPress WP Webhooks plugin <= 3.3.8 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2024-29032MEDIUM`qiskit_ibm_runtime.RuntimeDecoder` can execute arbitrary codeEPSS 0.4%CVE-2025-66055HIGHWordPress Email Subscribers & Newsletters plugin <= 5.9.10 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-39358HIGHWordPress WP Posts Carousel <= 1.3.12 - PHP Object Injection VulnerabilityEPSS 0.4%CVE-2025-47660HIGHWordPress WC Affiliate plugin <= 2.16 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-13715HIGHTencent FaceDetection-DSFD resnet Deserialization of Untrusted Data Remote Code Execution VulnerabilityEPSS 0.4%CVE-2025-15375MEDIUMEyouCMS arcpagelist Ajax.php unserialize deserializationEPSS 0.4%