Fallos del tipo CWE-502

2257 resultados
CVE-2025-39503CRITICALWordPress Goodlayers Hotel plugin <= 3.1.4 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-30973CRITICALWordPress CoSchool LMS plugin <= 1.4.3 - PHP Object Injection VulnerabilityEPSS 0.5%CVE-2025-31430CRITICALWordPress The Business <= 1.6.1 - PHP Object Injection VulnerabilityEPSS 0.5%CVE-2026-22480HIGHWordPress Product Feed for WooCommerce plugin <= 2.3.3 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-28961CRITICALWordPress URL Shortener <= 3.0.7 - PHP Object Injection VulnerabilityEPSS 0.5%CVE-2025-32572CRITICALWordPress Kata Plus Plugin <= 1.5.3 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-39499CRITICALWordPress Medicare Theme <= 2.1.0 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-31423CRITICALWordPress Umberto theme <= 1.2.8 - PHP Object Injection VulnerabilityEPSS 0.5%CVE-2025-31429CRITICALWordPress PressGrid - Frontend Publish Reaction & Multimedia Theme <= 1.3.1 - Deserialization of untrusted data VulnerabilityEPSS 0.5%CVE-2025-31631CRITICALWordPress Fish House theme <= 1.2.7 - PHP Object Injection VulnerabilityEPSS 0.5%CVE-2025-27286CRITICALWordPress Saoshyant Slider Plugin <= 3.0 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-27287CRITICALWordPress SS Quiz Plugin <= 2.0.5 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-31927CRITICALWordPress Acerola <= 1.6.5 - PHP Object Injection VulnerabilityEPSS 0.5%CVE-2025-39495CRITICALWordPress Avantage Theme <= 2.4.9 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-31398CRITICALWordPress PIMP - Creative MultiPurpose <= 1.7 - Deserialization of untrusted data VulnerabilityEPSS 0.5%CVE-2025-30949CRITICALWordPress Site Chat on Telegram plugin <= 1.0.4 - PHP Object Injection VulnerabilityEPSS 0.5%CVE-2026-0910HIGHwpForo Forum <= 2.4.13 - Authenticated (Subscriber+) PHP Object InjectionEPSS 0.5%CVE-2025-30023CRITICALThe communication protocol used between client and server had a flaw that could lead to an authenticated user performing a remote code execuEPSS 0.5%CVE-2025-0734MEDIUMy_project RuoYi Whitelist getBeanName deserializationEPSS 0.5%CVE-2024-24796HIGHWordPress Event Manager for WooCommerce Plugin <= 4.1.1 is vulnerable to PHP Object InjectionEPSS 0.5%