Falhas do tipo CWE-502

2.257 resultados
CVE-2025-39503CRITICALWordPress Goodlayers Hotel plugin <= 3.1.4 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-31927CRITICALWordPress Acerola <= 1.6.5 - PHP Object Injection VulnerabilityEPSS 0.5%CVE-2025-31069CRITICALWordPress HotStar – Multi-Purpose Business Theme <= 1.4 - PHP Object Injection VulnerabilityEPSS 0.5%CVE-2025-28961CRITICALWordPress URL Shortener <= 3.0.7 - PHP Object Injection VulnerabilityEPSS 0.5%CVE-2025-39499CRITICALWordPress Medicare Theme <= 2.1.0 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-39495CRITICALWordPress Avantage Theme <= 2.4.9 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-32572CRITICALWordPress Kata Plus Plugin <= 1.5.3 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-67619HIGHWordPress Kids Heaven theme <= 3.2 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-31631CRITICALWordPress Fish House theme <= 1.2.7 - PHP Object Injection VulnerabilityEPSS 0.5%CVE-2025-27286CRITICALWordPress Saoshyant Slider Plugin <= 3.0 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-39485CRITICALWordPress GrandTour theme <= 5.6 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-32292CRITICALWordPress Jarvis – Night Club, Concert, Festival WordPress theme <= 1.8.11 - PHP Object Injection VulnerabilityEPSS 0.5%CVE-2025-39500CRITICALWordPress Goodlayers Hostel Plugin <= 3.1.2 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-30949CRITICALWordPress Site Chat on Telegram plugin <= 1.0.4 - PHP Object Injection VulnerabilityEPSS 0.5%CVE-2025-31429CRITICALWordPress PressGrid - Frontend Publish Reaction & Multimedia Theme <= 1.3.1 - Deserialization of untrusted data VulnerabilityEPSS 0.5%CVE-2026-22480HIGHWordPress Product Feed for WooCommerce plugin <= 2.3.3 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2026-0910HIGHwpForo Forum <= 2.4.13 - Authenticated (Subscriber+) PHP Object InjectionEPSS 0.5%CVE-2025-0734MEDIUMy_project RuoYi Whitelist getBeanName deserializationEPSS 0.5%CVE-2025-30023CRITICALThe communication protocol used between client and server had a flaw that could lead to an authenticated user performing a remote code execuEPSS 0.5%CVE-2024-34433MEDIUMWordPress One Click Demo Import plugin <=3.2.0 - PHP Object Injection vulnerabilityEPSS 0.5%