CVE-2026-0677

Deserialization of Untrusted Data vulnerability in TotalSuite TotalContest Lite totalcontest-lite allows Object Injection.This issue affects TotalContest Lite: from n/a through <= 2.9.1.

CVSS

No CVSS.

References

Link	Resource
https://patchstack.com/database/Wordpress/Plugin/totalcontest-lite/vulnerability/wordpress-totalcontest-lite-plugin-2-9-1-php-object-injection-vulnerability?_s_id=cve

Configurations

No configuration.

History

01 Apr 2026, 17:28

Type	Values Removed	Values Added
Summary		(es) Vulnerabilidad de deserialización de datos no confiables en TotalSuite TotalContest Lite permite la inyección de objetos. Este problema afecta a TotalContest Lite: desde n/a hasta 2.9.1.
Summary	~~(en) Deserialization of Untrusted Data vulnerability in TotalSuite TotalContest Lite allows Object Injection.This issue affects TotalContest Lite: from n/a through 2.9.1.~~	(en) Deserialization of Untrusted Data vulnerability in TotalSuite TotalContest Lite totalcontest-lite allows Object Injection.This issue affects TotalContest Lite: from n/a through <= 2.9.1.
References	{'url': 'https://patchstack.com/database/wordpress/plugin/totalcontest-lite/vulnerability/wordpress-totalcontest-lite-plugin-2-9-1-php-object-injection-vulnerability?_s_id=cve', 'source': 'audit@patchstack.com'}	() https://patchstack.com/database/Wordpress/Plugin/totalcontest-lite/vulnerability/wordpress-totalcontest-lite-plugin-2-9-1-php-object-injection-vulnerability?_s_id=cve -
CVSS	v2 : ~~unknown~~ v3 : ~~7.2~~	v2 : unknown v3 : unknown

20 Mar 2026, 10:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-03-20 10:16

Updated : 2026-04-22 21:32

NVD link : CVE-2026-0677

Mitre link : CVE-2026-0677

CVE.ORG link : CVE-2026-0677

JSON object : View

Products Affected

No product.

CWE

CWE-502

Deserialization of Untrusted Data

JSON object

Attach tags to CVE-2026-0677

Attach tags to `CVE-2026-0677`