Total
2642 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-28961 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in Md Yeasin Ul Haider URL Shortener exact-links allows Object Injection.This issue affects URL Shortener: from n/a through <= 3.0.7. | ||||
| CVE-2025-27301 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.2 High |
| Deserialization of Untrusted Data vulnerability in Nazmul Hasan Robin NHR Options Table Manager nhrrob-options-table-manager allows Object Injection.This issue affects NHR Options Table Manager: from n/a through <= 1.1.2. | ||||
| CVE-2025-27300 | 2026-04-23 | 7.2 High | ||
| Deserialization of Untrusted Data vulnerability in giuliopanda ADFO admin-form allows Object Injection.This issue affects ADFO: from n/a through <= 1.9.1. | ||||
| CVE-2025-27287 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in ssvadim SS Quiz ssquiz allows Object Injection.This issue affects SS Quiz: from n/a through <= 2.0.5. | ||||
| CVE-2025-27286 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in saoshyant1994 Saoshyant Slider saoshyant-slider allows Object Injection.This issue affects Saoshyant Slider: from n/a through <= 3.0. | ||||
| CVE-2025-26999 | 1 Metagauss | 1 Profilegrid | 2026-04-23 | 8.8 High |
| Deserialization of Untrusted Data vulnerability in Metagauss ProfileGrid profilegrid-user-profiles-groups-and-communities allows Object Injection.This issue affects ProfileGrid : from n/a through <= 5.9.4.3. | ||||
| CVE-2025-26967 | 1 Wpgeodirectory | 1 Events Calendar* | 2026-04-23 | 8.8 High |
| Deserialization of Untrusted Data vulnerability in Stiofan Events Calendar for GeoDirectory events-for-geodirectory allows Object Injection.This issue affects Events Calendar for GeoDirectory: from n/a through <= 2.3.14. | ||||
| CVE-2025-26921 | 2026-04-23 | 8.8 High | ||
| Deserialization of Untrusted Data vulnerability in magepeopleteam Booking and Rental Manager booking-and-rental-manager-for-woocommerce allows Object Injection.This issue affects Booking and Rental Manager: from n/a through <= 2.2.6. | ||||
| CVE-2025-26900 | 2026-04-23 | 9.8 Critical | ||
| Deserialization of Untrusted Data vulnerability in flexmls Flexmls® IDX flexmls-idx allows Object Injection.This issue affects Flexmls® IDX: from n/a through <= 3.14.27. | ||||
| CVE-2025-26873 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 9 Critical |
| Deserialization of Untrusted Data vulnerability in shinetheme Traveler traveler.This issue affects Traveler: from n/a through < 3.2.1. | ||||
| CVE-2025-26763 | 2026-04-23 | 9.8 Critical | ||
| Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider ml-slider allows Object Injection.This issue affects Responsive Slider by MetaSlider: from n/a through <= 3.94.0. | ||||
| CVE-2025-24779 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.8 High |
| Deserialization of Untrusted Data vulnerability in NooTheme Yogi yogi allows Object Injection.This issue affects Yogi: from n/a through < 2.9.3. | ||||
| CVE-2025-24671 | 2026-04-23 | 9.8 Critical | ||
| Deserialization of Untrusted Data vulnerability in Pdfcrowd Dev Team Save as PDF save-as-pdf-by-pdfcrowd allows Object Injection.This issue affects Save as PDF: from n/a through <= 4.4.0. | ||||
| CVE-2025-24661 | 2026-04-23 | 8.8 High | ||
| Deserialization of Untrusted Data vulnerability in magepeopleteam Taxi Booking Manager for WooCommerce ecab-taxi-booking-manager allows Object Injection.This issue affects Taxi Booking Manager for WooCommerce: from n/a through <= 1.1.8. | ||||
| CVE-2025-24601 | 2026-04-23 | 9.8 Critical | ||
| Deserialization of Untrusted Data vulnerability in ThimPress FundPress fundpress allows Object Injection.This issue affects FundPress: from n/a through <= 2.0.6. | ||||
| CVE-2025-23944 | 2026-04-23 | 8.8 High | ||
| Deserialization of Untrusted Data vulnerability in bulktheme WOOEXIM wooexim allows Object Injection.This issue affects WOOEXIM: from n/a through <= 5.0.0. | ||||
| CVE-2025-23932 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in Marko-M Quick Count quick-count allows Object Injection.This issue affects Quick Count: from n/a through <= 3.00. | ||||
| CVE-2025-23914 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in muzaara Muzaara Google Ads Report muzaara-adwords-optimize-dashboard allows Object Injection.This issue affects Muzaara Google Ads Report: from n/a through <= 3.1. | ||||
| CVE-2025-22777 | 1 Givewp | 1 Givewp | 2026-04-23 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in StellarWP GiveWP give allows Object Injection.This issue affects GiveWP: from n/a through <= 3.19.3. | ||||
| CVE-2025-22526 | 2026-04-23 | 9.8 Critical | ||
| Deserialization of Untrusted Data vulnerability in mywebtonet PHP/MySQL CPU performance statistics mywebtonet-performancestats allows Object Injection.This issue affects PHP/MySQL CPU performance statistics: from n/a through <= 1.2.1. | ||||