Total
2666 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-31396 | 2026-04-28 | N/A | 9.8 CRITICAL | ||
| Deserialization of Untrusted Data vulnerability in themeton FLAP - Business WordPress Theme allows Object Injection. This issue affects FLAP - Business WordPress Theme: from n/a through 1.5. | |||||
| CVE-2025-31069 | 2026-04-28 | N/A | 9.8 CRITICAL | ||
| Deserialization of Untrusted Data vulnerability in themeton HotStar – Multi-Purpose Business Theme allows Object Injection. This issue affects HotStar – Multi-Purpose Business Theme: from n/a through 1.4. | |||||
| CVE-2025-31049 | 2026-04-28 | N/A | 9.8 CRITICAL | ||
| Deserialization of Untrusted Data vulnerability in themeton Dash allows Object Injection. This issue affects Dash: from n/a through 1.3. | |||||
| CVE-2025-31047 | 2026-04-28 | N/A | 8.8 HIGH | ||
| Deserialization of Untrusted Data vulnerability in Themify Themify Edmin allows Object Injection.This issue affects Themify Edmin: from n/a through 2.0.0. | |||||
| CVE-2025-24777 | 2026-04-28 | N/A | 8.8 HIGH | ||
| Deserialization of Untrusted Data vulnerability in awethemes Hillter allows Object Injection. This issue affects Hillter: from n/a through 3.0.7. | |||||
| CVE-2024-52412 | 2026-04-28 | N/A | 9.8 CRITICAL | ||
| Deserialization of Untrusted Data vulnerability in Stephen Cui Xin allows Object Injection.This issue affects Xin: from n/a through 1.0.8.1. | |||||
| CVE-2024-34433 | 1 Ocdi | 1 One Click Demo Import | 2026-04-28 | N/A | 4.4 MEDIUM |
| Deserialization of Untrusted Data vulnerability in OCDI One Click Demo Import.This issue affects One Click Demo Import: from n/a through 3.2.0. | |||||
| CVE-2024-33641 | 2026-04-28 | N/A | 5.4 MEDIUM | ||
| Deserialization of Untrusted Data vulnerability in Team Yoast Custom field finder.This issue affects Custom field finder: from n/a through 0.3. | |||||
| CVE-2024-33568 | 1 Bdthemes | 1 Element Pack | 2026-04-28 | N/A | 8.5 HIGH |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Deserialization of Untrusted Data vulnerability in BdThemes Element Pack Pro allows Path Traversal, Object Injection.This issue affects Element Pack Pro: from n/a before 7.19.3. | |||||
| CVE-2024-33553 | 1 8theme | 1 Xstore Core | 2026-04-28 | N/A | 9.0 CRITICAL |
| Deserialization of Untrusted Data vulnerability in 8theme XStore Core.This issue affects XStore Core: from n/a through 5.3.5. | |||||
| CVE-2024-32835 | 2026-04-28 | N/A | 5.4 MEDIUM | ||
| Deserialization of Untrusted Data vulnerability in WebToffee Import Export WordPress Users.This issue affects Import Export WordPress Users: from n/a through 2.5.3. | |||||
| CVE-2024-32603 | 1 Themekraft | 1 Buddypress Woocommerce My Account Integration | 2026-04-28 | N/A | 8.5 HIGH |
| Deserialization of Untrusted Data vulnerability in ThemeKraft WooBuddy.This issue affects WooBuddy: from n/a through 3.4.20. | |||||
| CVE-2024-32600 | 1 Averta | 1 Master Slider | 2026-04-28 | N/A | 8.3 HIGH |
| Deserialization of Untrusted Data vulnerability in Averta Master Slider.This issue affects Master Slider: from n/a through 3.9.5. | |||||
| CVE-2024-32431 | 1 Wpallimport | 1 Wp All Import | 2026-04-28 | N/A | 4.4 MEDIUM |
| Deserialization of Untrusted Data vulnerability in WP All Import Import Users from CSV.This issue affects Import Users from CSV: from n/a through 1.2. | |||||
| CVE-2024-31308 | 1 Vjinfotech | 1 Wp Import Export Lite | 2026-04-28 | N/A | 4.4 MEDIUM |
| Deserialization of Untrusted Data vulnerability in VJInfotech WP Import Export Lite.This issue affects WP Import Export Lite: from n/a through 3.9.26. | |||||
| CVE-2024-31277 | 2026-04-28 | N/A | 8.7 HIGH | ||
| Deserialization of Untrusted Data vulnerability in PickPlugins Product Designer.This issue affects Product Designer: from n/a through 1.0.32. | |||||
| CVE-2024-31094 | 2026-04-28 | N/A | 8.5 HIGH | ||
| Deserialization of Untrusted Data vulnerability in Filter Custom Fields & Taxonomies Light.This issue affects Filter Custom Fields & Taxonomies Light: from n/a through 1.05. | |||||
| CVE-2024-30230 | 1 Acowebs | 1 Pdf Invoices And Packing Slips For Woocommerce | 2026-04-28 | N/A | 8.2 HIGH |
| Deserialization of Untrusted Data vulnerability in Acowebs PDF Invoices and Packing Slips For WooCommerce.This issue affects PDF Invoices and Packing Slips For WooCommerce: from n/a through 1.3.7. | |||||
| CVE-2024-30228 | 2026-04-28 | N/A | 9.9 CRITICAL | ||
| Deserialization of Untrusted Data vulnerability in Hercules Design Hercules Core.This issue affects Hercules Core : from n/a through 6.4. | |||||
| CVE-2024-30227 | 2026-04-28 | N/A | 9.0 CRITICAL | ||
| Deserialization of Untrusted Data vulnerability in INFINITUM FORM Geo Controller.This issue affects Geo Controller: from n/a through 8.6.4. | |||||