Falhas do tipo CWE-502

2.257 resultados
CVE-2021-27017MEDIUMDeserialization of untrusted dataEPSS 0.5%CVE-2026-3017HIGHSmart Post Show – Post Grid, Post Carousel & Slider, and List Category Posts <= 3.0.12 - Authenticated (Administrator+) PHP Object InjectionEPSS 0.5%CVE-2025-69108CRITICALWordPress Hot Coffee theme <= 1.7 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2026-56032CRITICALWordPress Buddyboss Platform plugin <= 3.0.4 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-69122CRITICALWordPress SeaFood Company theme <= 1.4 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-60205CRITICALWordPress ThemeREX Addons plugin <= 2.36.1.1 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2024-33568HIGHWordPress Element Pack Pro plugin < 7.19.3 - Arbitrary File Read and Phar Deserialization vulnerabilityEPSS 0.5%CVE-2024-43931CRITICALWordPress JobSearch WP Job Board WordPress Plugin plugin <= 2.5.3 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-0956HIGHWooCommerce Recover Abandoned Cart <= 24.4.0 - Unauthenticated PHP Object InjectionEPSS 0.5%CVE-2024-13786CRITICALEducation Center | LMS & Online Courses WordPress Theme <= 3.6.10 - PHP Object InjectionEPSS 0.5%CVE-2025-23303HIGHNVIDIA NeMo Framework for all platforms contains a vulnerability where a user could cause a deserialization of untrusted data by remote codeEPSS 0.5%CVE-2024-10942HIGHAll in One WP Migration <= 7.89 - Unauthenticated PHP Object InjectionEPSS 0.5%CVE-2025-33245HIGHNVIDIA NeMo Framework contains a vulnerability where malicious data could cause remote code execution. A successful exploit of this vulnerabEPSS 0.5%CVE-2026-50076CRITICALApache Fory: Java ReplaceResolverSerializer deserialization checks bypassEPSS 0.5%CVE-2024-52445HIGHWordPress QRMenu Restaurant QR Menu Lite plugin <= 1.0.4 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2026-23737HIGHseroval Affected by Remote Code Execution via JSON DeserializationEPSS 0.5%CVE-2026-2599CRITICALDatabase for Contact Form 7, WPforms, Elementor forms <= 1.4.7 - Unauthenticated PHP Object Injection via 'download_csv'EPSS 0.5%CVE-2025-10363CRITICALUnauthenticated RCE via .NET Deserialization in Topal Finance SoftwareEPSS 0.5%CVE-2024-22309HIGHWordPress ChatBot Plugin <= 5.1.0 is vulnerable to PHP Object InjectionEPSS 0.5%CVE-2024-23513HIGHWordPress PropertyHive Plugin <= 2.0.5 is vulnerable to PHP Object InjectionEPSS 0.5%