Total
2562 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-26900 | 2026-04-23 | N/A | 9.8 CRITICAL | ||
| Deserialization of Untrusted Data vulnerability in flexmls Flexmls® IDX flexmls-idx allows Object Injection.This issue affects Flexmls® IDX: from n/a through <= 3.14.27. | |||||
| CVE-2025-26873 | 2026-04-23 | N/A | 9.0 CRITICAL | ||
| Deserialization of Untrusted Data vulnerability in shinetheme Traveler traveler.This issue affects Traveler: from n/a through < 3.2.1. | |||||
| CVE-2025-26763 | 2026-04-23 | N/A | 9.8 CRITICAL | ||
| Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider ml-slider allows Object Injection.This issue affects Responsive Slider by MetaSlider: from n/a through <= 3.94.0. | |||||
| CVE-2025-24779 | 2026-04-23 | N/A | 8.8 HIGH | ||
| Deserialization of Untrusted Data vulnerability in NooTheme Yogi yogi allows Object Injection.This issue affects Yogi: from n/a through < 2.9.3. | |||||
| CVE-2025-24671 | 2026-04-23 | N/A | 9.8 CRITICAL | ||
| Deserialization of Untrusted Data vulnerability in Pdfcrowd Dev Team Save as PDF save-as-pdf-by-pdfcrowd allows Object Injection.This issue affects Save as PDF: from n/a through <= 4.4.0. | |||||
| CVE-2025-24661 | 2026-04-23 | N/A | 8.8 HIGH | ||
| Deserialization of Untrusted Data vulnerability in magepeopleteam Taxi Booking Manager for WooCommerce ecab-taxi-booking-manager allows Object Injection.This issue affects Taxi Booking Manager for WooCommerce: from n/a through <= 1.1.8. | |||||
| CVE-2025-24601 | 2026-04-23 | N/A | 9.8 CRITICAL | ||
| Deserialization of Untrusted Data vulnerability in ThimPress FundPress fundpress allows Object Injection.This issue affects FundPress: from n/a through <= 2.0.6. | |||||
| CVE-2025-23944 | 2026-04-23 | N/A | 8.8 HIGH | ||
| Deserialization of Untrusted Data vulnerability in bulktheme WOOEXIM wooexim allows Object Injection.This issue affects WOOEXIM: from n/a through <= 5.0.0. | |||||
| CVE-2025-23932 | 2026-04-23 | N/A | 9.8 CRITICAL | ||
| Deserialization of Untrusted Data vulnerability in Marko-M Quick Count quick-count allows Object Injection.This issue affects Quick Count: from n/a through <= 3.00. | |||||
| CVE-2025-23914 | 2026-04-23 | N/A | 9.8 CRITICAL | ||
| Deserialization of Untrusted Data vulnerability in muzaara Muzaara Google Ads Report muzaara-adwords-optimize-dashboard allows Object Injection.This issue affects Muzaara Google Ads Report: from n/a through <= 3.1. | |||||
| CVE-2025-22777 | 1 Givewp | 1 Givewp | 2026-04-23 | N/A | 9.8 CRITICAL |
| Deserialization of Untrusted Data vulnerability in StellarWP GiveWP give allows Object Injection.This issue affects GiveWP: from n/a through <= 3.19.3. | |||||
| CVE-2025-22526 | 2026-04-23 | N/A | 9.8 CRITICAL | ||
| Deserialization of Untrusted Data vulnerability in mywebtonet PHP/MySQL CPU performance statistics mywebtonet-performancestats allows Object Injection.This issue affects PHP/MySQL CPU performance statistics: from n/a through <= 1.2.1. | |||||
| CVE-2025-22510 | 2026-04-23 | N/A | 7.2 HIGH | ||
| Deserialization of Untrusted Data vulnerability in kkarpieszuk WC Price History for Omnibus wc-price-history allows Object Injection.This issue affects WC Price History for Omnibus: from n/a through <= 2.1.4. | |||||
| CVE-2024-56291 | 2026-04-23 | N/A | 8.1 HIGH | ||
| Deserialization of Untrusted Data vulnerability in plainware PlainInventory z-inventory-manager allows Object Injection.This issue affects PlainInventory: from n/a through <= 3.1.6. | |||||
| CVE-2024-56283 | 2026-04-23 | N/A | 8.1 HIGH | ||
| Deserialization of Untrusted Data vulnerability in plainware Locatoraid Store Locator locatoraid allows Object Injection.This issue affects Locatoraid Store Locator: from n/a through <= 3.9.50. | |||||
| CVE-2024-56068 | 2026-04-23 | N/A | 7.5 HIGH | ||
| Deserialization of Untrusted Data vulnerability in azzaroco WP SuperBackup indeed-wp-superbackup.This issue affects WP SuperBackup: from n/a through <= 2.3.3. | |||||
| CVE-2024-56058 | 2026-04-23 | N/A | 9.8 CRITICAL | ||
| Deserialization of Untrusted Data vulnerability in denniskravetstns VRPConnector vrpconnector allows Object Injection.This issue affects VRPConnector: from n/a through <= 2.0.1. | |||||
| CVE-2024-54367 | 1 Ultimatemember | 1 Forumwp | 2026-04-23 | N/A | 9.8 CRITICAL |
| Deserialization of Untrusted Data vulnerability in Ultimate Member ForumWP forumwp allows Object Injection.This issue affects ForumWP: from n/a through <= 2.1.0. | |||||
| CVE-2024-54282 | 2026-04-23 | N/A | 7.2 HIGH | ||
| Deserialization of Untrusted Data vulnerability in Themeum WP Mega Menu wp-megamenu allows Object Injection.This issue affects WP Mega Menu: from n/a through <= 1.4.2. | |||||
| CVE-2024-54273 | 2026-04-23 | N/A | 9.8 CRITICAL | ||
| Deserialization of Untrusted Data vulnerability in PickPlugins Mail Picker mail-picker allows Object Injection.This issue affects Mail Picker: from n/a through <= 1.0.14. | |||||