Falhas do tipo CWE-502
2.276 resultadosCVE-2026-8727HIGHRemote Code Execution in extension "Site Crawler" (crawler)EPSS 0.4%CVE-2026-22474CRITICALWordPress Equestrian Centre theme <= 1.5 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-22475CRITICALWordPress Estate theme <= 1.3.4 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-12578HIGHDTMSoft - Deserialization of Untrusted Data VulnerabilityEPSS 0.4%CVE-2023-47507HIGHWordPress Master Slider Pro Plugin <= 3.6.5 is vulnerable to PHP Object InjectionEPSS 0.4%CVE-2026-25614HIGHBlesta 3.x through 5.x before 5.13.3 allows object injection, aka CORE-5680.EPSS 0.4%CVE-2025-60233CRITICALWordPress Zuut theme <= 1.4.2 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-69127CRITICALWordPress Plumbing theme <= 1.6 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-60178CRITICALWordPress WP Gravity Forms HubSpot plugin <= 1.2.6 - Deserialization of untrusted data vulnerabilityEPSS 0.4%CVE-2026-54194CRITICALWordPress Fusion Builder plugin <= 3.15.4 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-7871CRITICALInsecure Deserialization in Redis Cache BackendEPSS 0.4%CVE-2025-60180CRITICALWordPress WP Gravity Forms Salesforce plugin <= 1.5.1 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-27053CRITICALWordPress Broadcast Live Video plugin < 7.1.3 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-60089CRITICALWordPress WP Gravity Forms FreshDesk plugin plugin <= 1.3.5 - Deserialization of untrusted data vulnerabilityEPSS 0.4%CVE-2025-60174CRITICALWordPress WP Gravity Forms Constant Contact plugin plugin <= 1.1.2 - Deserialization of untrusted data vulnerabilityEPSS 0.4%CVE-2025-60091CRITICALWordPress WP Gravity Forms Zoho CRM and Bigin plugin <= 1.2.9 - Deserialization of untrusted data vulnerabilityEPSS 0.4%CVE-2025-15438MEDIUMPluXml Media Management medias.php __destruct deserializationEPSS 0.4%CVE-2025-64206CRITICALWordPress Jannah theme <= 7.6.0 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-60090CRITICALWordPress WP Gravity Forms Insightly plugin <= 1.1.6 - Deserialization of untrusted data vulnerabilityEPSS 0.4%CVE-2025-69111CRITICALWordPress Reisen theme <= 1.4.1 - PHP Object Injection vulnerabilityEPSS 0.4%