Total
2642 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-22510 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.2 High |
| Deserialization of Untrusted Data vulnerability in kkarpieszuk WC Price History for Omnibus wc-price-history allows Object Injection.This issue affects WC Price History for Omnibus: from n/a through <= 2.1.4. | ||||
| CVE-2024-56291 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.1 High |
| Deserialization of Untrusted Data vulnerability in plainware PlainInventory z-inventory-manager allows Object Injection.This issue affects PlainInventory: from n/a through <= 3.1.6. | ||||
| CVE-2024-56283 | 2026-04-23 | 8.1 High | ||
| Deserialization of Untrusted Data vulnerability in plainware Locatoraid Store Locator locatoraid allows Object Injection.This issue affects Locatoraid Store Locator: from n/a through <= 3.9.50. | ||||
| CVE-2024-56068 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.5 High |
| Deserialization of Untrusted Data vulnerability in azzaroco WP SuperBackup indeed-wp-superbackup.This issue affects WP SuperBackup: from n/a through <= 2.3.3. | ||||
| CVE-2024-56058 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in denniskravetstns VRPConnector vrpconnector allows Object Injection.This issue affects VRPConnector: from n/a through <= 2.0.1. | ||||
| CVE-2024-54367 | 1 Ultimatemember | 1 Forumwp | 2026-04-23 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in Ultimate Member ForumWP forumwp allows Object Injection.This issue affects ForumWP: from n/a through <= 2.1.0. | ||||
| CVE-2024-54282 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.2 High |
| Deserialization of Untrusted Data vulnerability in Themeum WP Mega Menu wp-megamenu allows Object Injection.This issue affects WP Mega Menu: from n/a through <= 1.4.2. | ||||
| CVE-2024-54273 | 2026-04-23 | 9.8 Critical | ||
| Deserialization of Untrusted Data vulnerability in PickPlugins Mail Picker mail-picker allows Object Injection.This issue affects Mail Picker: from n/a through <= 1.0.14. | ||||
| CVE-2024-52445 | 1 Modeltheme | 1 Qrmenu Restaurant Qr Menu Lite | 2026-04-23 | 8.8 High |
| Deserialization of Untrusted Data vulnerability in ModelTheme QRMenu Restaurant QR Menu Lite qrmenu-lite allows Object Injection.This issue affects QRMenu Restaurant QR Menu Lite: from n/a through <= 1.0.4. | ||||
| CVE-2024-52443 | 1 Nerijus Masikonis | 1 Geolocator | 2026-04-23 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in masikonis Geolocator geolocator allows Object Injection.This issue affects Geolocator: from n/a through <= 1.1. | ||||
| CVE-2024-52440 | 1 Bueno Labs Pvt Ltd | 1 Xpresslane Fast Checkout | 2026-04-23 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in xpresslane Xpresslane Fast Checkout xpresslane-integration-for-woocommerce allows Object Injection.This issue affects Xpresslane Fast Checkout: from n/a through <= 1.0.0. | ||||
| CVE-2024-52439 | 1 Mark Odonnell | 1 Team Rosters | 2026-04-23 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in Mark O'Donnell Team Rosters team-rosters allows Object Injection.This issue affects Team Rosters: from n/a through <= 4.8.2. | ||||
| CVE-2024-52433 | 1 Mindstien | 1 My Geo Posts Free | 2026-04-23 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in Mindstien Technologies My Geo Posts Free my-geo-posts-free allows Object Injection.This issue affects My Geo Posts Free: from n/a through <= 1.2. | ||||
| CVE-2024-52432 | 2 Nix Solutions, Nixsolutions | 2 Nix Anti-spam Light, Nix Anti-spam Light | 2026-04-23 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in NIX Solutions Ltd NIX Anti-Spam Light nix-anti-spam-light allows Object Injection.This issue affects NIX Anti-Spam Light: from n/a through <= 0.0.4. | ||||
| CVE-2024-52430 | 1 Lis | 1 Video Gallery | 2026-04-23 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in bublick Lis Video Gallery lis-video-gallery allows Object Injection.This issue affects Lis Video Gallery: from n/a through <= 0.2.1. | ||||
| CVE-2024-52414 | 1 Anthony Carbon | 1 Wdes Responsive Mobile Menu | 2026-04-23 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in Anthony Carbon WDES Responsive Mobile Menu wdes-responsive-mobile-menu allows Object Injection.This issue affects WDES Responsive Mobile Menu: from n/a through <= 5.3.18. | ||||
| CVE-2024-52413 | 1 Dmc | 1 Airin Blog | 2026-04-23 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in dmcwebzone Airin Blog airin-blog allows Object Injection.This issue affects Airin Blog: from n/a through <= 1.6.1. | ||||
| CVE-2024-52411 | 1 Flowcraft Ux Design Studio | 1 Advanced Personalization | 2026-04-23 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in flowcraft Advanced Personalization personalization-by-flowcraft allows Object Injection.This issue affects Advanced Personalization: from n/a through <= 1.1.2. | ||||
| CVE-2024-52410 | 1 Phoenixheart | 1 Referrer Detector | 2026-04-23 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in Phoenixheart Referrer Detector referrer-detector allows Object Injection.This issue affects Referrer Detector: from n/a through <= 4.2.1.0. | ||||
| CVE-2024-52409 | 1 Ajax-random-post Project | 1 Ajax-random-post | 2026-04-23 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in Phoenixheart AJAX Random Posts ajax-random-posts allows Object Injection.This issue affects AJAX Random Posts: from n/a through <= 0.3.3. | ||||