|
CVE-2026-39560
|
|
Unauthenticated PHP Object Injection in Hiroshi <= 1.5.1 versions.
Unauthenticated PHP Object Injection in Hiroshi <= 1.5.1 versions.
|
High
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-39576
|
|
Unauthenticated PHP Object Injection in SingleMalt <= 1.5 versions.
Unauthenticated PHP Object Injection in SingleMalt <= 1.5 versions.
|
High
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-40756
|
|
Unauthenticated PHP Object Injection in Zoya <= 1.4 versions.
Unauthenticated PHP Object Injection in Zoya <= 1.4 versions.
|
High
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-40752
|
|
Unauthenticated PHP Object Injection in Manufaktur Solutions <= 1.1.1 versions.
Unauthenticated PHP Object Injection in Manufaktur Solutions <= 1.1.1 versions.
|
High
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-40733
|
|
Unauthenticated PHP Object Injection in ShiftUp <= 1.3 versions.
Unauthenticated PHP Object Injection in ShiftUp <= 1.3 versions.
|
High
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-40757
|
|
Unauthenticated PHP Object Injection in Château <= 1.2.1 versions.
Unauthenticated PHP Object Injection in Château <= 1.2.1 versions.
|
High
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2025-60230
|
|
Désérialisation non sécurisée dans deserialization (CVE-2025-60230)
vulnérabilité dans deserialization (CVE-2025-60230). L'exploitation peut entraîner la prise de contrôle totale du système.
|
Critical
|
Insecure Deserialization
Cwe 502
|
il y a 2 semaines
|
|
CVE-2025-60236
|
|
Désérialisation non sécurisée dans deserialization (CVE-2025-60236)
vulnérabilité dans deserialization (CVE-2025-60236). L'exploitation peut entraîner la prise de contrôle totale du système.
|
Critical
|
Insecure Deserialization
Cwe 502
|
il y a 2 semaines
|
|
CVE-2025-69127
|
|
Unauthenticated PHP Object Injection in Plumbing <= 1.6 versions.
Unauthenticated PHP Object Injection in Plumbing <= 1.6 versions.
|
Critical
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2025-60229
|
|
Désérialisation non sécurisée dans deserialization (CVE-2025-60229)
vulnérabilité dans deserialization (CVE-2025-60229). L'exploitation peut entraîner la prise de contrôle totale du système.
|
Critical
|
Insecure Deserialization
Cwe 502
|
il y a 2 semaines
|
|
CVE-2025-60231
|
|
Désérialisation non sécurisée dans deserialization (CVE-2025-60231)
vulnérabilité dans deserialization (CVE-2025-60231). L'exploitation peut entraîner la prise de contrôle totale du système.
|
Critical
|
Insecure Deserialization
Cwe 502
|
il y a 2 semaines
|
|
CVE-2025-69111
|
|
Unauthenticated PHP Object Injection in Reisen <= 1.4.1 versions.
Unauthenticated PHP Object Injection in Reisen <= 1.4.1 versions.
|
Critical
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-54806
|
|
Unauthenticated PHP Object Injection in WP Activity Log <= 5.6.3.1 versions.
Unauthenticated PHP Object Injection in WP Activity Log <= 5.6.3.1 versions.
|
Critical
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-52706
|
|
Unauthenticated PHP Object Injection in JetEngine <= 3.8.10 versions.
Unauthenticated PHP Object Injection in JetEngine <= 3.8.10 versions.
|
Critical
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-54194
|
|
Contributor PHP Object Injection in Fusion Builder <= 3.15.4 versions.
Contributor PHP Object Injection in Fusion Builder <= 3.15.4 versions.
|
Critical
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-49107
|
|
Unauthenticated PHP Object Injection in Thrive Apprentice < 10.8.10.2 versions.
Unauthenticated PHP Object Injection in Thrive Apprentice < 10.8.10.2 versions.
|
Critical
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-49075
|
|
Contributor PHP Object Injection in JetEngine <= 3.8.9.1 versions.
Contributor PHP Object Injection in JetEngine <= 3.8.9.1 versions.
|
Critical
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-40753
|
|
Unauthenticated PHP Object Injection in EasyMeals <= 1.5.1 versions.
Unauthenticated PHP Object Injection in EasyMeals <= 1.5.1 versions.
|
High
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-40751
|
|
Unauthenticated PHP Object Injection in Ashtanga <= 1.2 versions.
Unauthenticated PHP Object Injection in Ashtanga <= 1.2 versions.
|
High
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-40754
|
|
Unauthenticated PHP Object Injection in Roisin <= 1.4 versions.
Unauthenticated PHP Object Injection in Roisin <= 1.4 versions.
|
High
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-40735
|
|
Unauthenticated PHP Object Injection in Reina <= 2.1 versions.
Unauthenticated PHP Object Injection in Reina <= 2.1 versions.
|
High
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-40759
|
|
Unauthenticated PHP Object Injection in Esmée <= 1.4 versions.
Unauthenticated PHP Object Injection in Esmée <= 1.4 versions.
|
High
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-40758
|
|
Unauthenticated PHP Object Injection in Léonie <= 1.2.1 versions.
Unauthenticated PHP Object Injection in Léonie <= 1.2.1 versions.
|
High
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-40739
|
|
Unauthenticated PHP Object Injection in LuxeDrive <= 1.4 versions.
Unauthenticated PHP Object Injection in LuxeDrive <= 1.4 versions.
|
High
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-40736
|
|
Unauthenticated PHP Object Injection in Laurits <= 1.5.1 versions.
Unauthenticated PHP Object Injection in Laurits <= 1.5.1 versions.
|
High
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-40755
|
|
Unauthenticated PHP Object Injection in TechLink <= 1.3 versions.
Unauthenticated PHP Object Injection in TechLink <= 1.3 versions.
|
High
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-40725
|
|
Unauthenticated PHP Object Injection in WooCommerce Product Filters < 2.0.6 versions.
Unauthenticated PHP Object Injection in WooCommerce Product Filters < 2.0.6 versions.
|
Critical
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-40761
|
|
Unauthenticated PHP Object Injection in Valeska <= 1.2.2 versions.
Unauthenticated PHP Object Injection in Valeska <= 1.2.2 versions.
|
High
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-40760
|
|
Unauthenticated PHP Object Injection in Behold <= 1.5 versions.
Unauthenticated PHP Object Injection in Behold <= 1.5 versions.
|
High
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-42380
|
|
Unauthenticated PHP Object Injection in AI Lab < 5.4.2 versions.
Unauthenticated PHP Object Injection in AI Lab < 5.4.2 versions.
|
Critical
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-39545
|
|
Unauthenticated PHP Object Injection in Zermatt <= 1.6.1 versions.
Unauthenticated PHP Object Injection in Zermatt <= 1.6.1 versions.
|
High
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-39539
|
|
Unauthenticated PHP Object Injection in Alloggio - Hotel Booking <= 2.1.2 versions.
Unauthenticated PHP Object Injection in Alloggio - Hotel Booking <= 2.1.2 versions.
|
High
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-39567
|
|
Unauthenticated PHP Object Injection in Santé <= 1.5.1 versions.
Unauthenticated PHP Object Injection in Santé <= 1.5.1 versions.
|
High
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-39578
|
|
Unauthenticated PHP Object Injection in Valiance <= 1.2 versions.
Unauthenticated PHP Object Injection in Valiance <= 1.2 versions.
|
Medium
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-39554
|
|
Unauthenticated PHP Object Injection in Fidalgo <= 1.2.2 versions.
Unauthenticated PHP Object Injection in Fidalgo <= 1.2.2 versions.
|
High
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-39573
|
|
Unauthenticated PHP Object Injection in Mildhill <= 1.5 versions.
Unauthenticated PHP Object Injection in Mildhill <= 1.5 versions.
|
High
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-39529
|
|
Unauthenticated PHP Object Injection in Elementra <= 1.0.9 versions.
Unauthenticated PHP Object Injection in Elementra <= 1.0.9 versions.
|
Critical
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-39557
|
|
Unauthenticated PHP Object Injection in NeoBeat <= 1.7 versions.
Unauthenticated PHP Object Injection in NeoBeat <= 1.7 versions.
|
High
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-39577
|
|
Unauthenticated PHP Object Injection in Playroom <= 1.4.1 versions.
Unauthenticated PHP Object Injection in Playroom <= 1.4.1 versions.
|
Medium
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-39580
|
|
Unauthenticated PHP Object Injection in Micdrop <= 1.3.1 versions.
Unauthenticated PHP Object Injection in Micdrop <= 1.3.1 versions.
|
High
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-27429
|
|
Unauthenticated PHP Object Injection in Nifty <= 1.4.1 versions.
Unauthenticated PHP Object Injection in Nifty <= 1.4.1 versions.
|
Critical
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-27410
|
|
Unauthenticated Deserialization of untrusted data in Slimstat Analytics < 5.4.0 versions.
Unauthenticated Deserialization of untrusted data in Slimstat Analytics < 5.4.0 versions.
|
Medium
|
Insecure Deserialization
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-39443
|
|
Unauthenticated PHP Object Injection in EmallShop <= 2.4.21 versions.
Unauthenticated PHP Object Injection in EmallShop <= 2.4.21 versions.
|
High
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-39446
|
|
Unauthenticated PHP Object Injection in Kapee < 1.7.0 versions.
Unauthenticated PHP Object Injection in Kapee < 1.7.0 versions.
|
High
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-11857
|
|
Désérialisation non sécurisée dans csharp (CVE-2026-11857)
vulnérabilité dans csharp (CVE-2026-11857). Risque d'opérations non autorisées ou de divulgation.
|
|
C#
Privilege Escalation
Insecure Deserialization
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-12115
|
|
Désérialisation non sécurisée dans wordpress (CVE-2026-12115)
vulnérabilité dans wordpress (CVE-2026-12115). L'exploitation peut entraîner la prise de contrôle totale du système.
|
Medium
|
PHP
WordPress
Insecure Deserialization
Cwe 502
|
il y a 2 semaines
|
|
CVE-2026-12256
|
|
Contributor PHP Object Injection in Avada <= 3.15.3 versions.
Contributor PHP Object Injection in Avada <= 3.15.3 versions.
|
High
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2025-69108
|
|
Unauthenticated PHP Object Injection in Hot Coffee <= 1.7 versions.
Unauthenticated PHP Object Injection in Hot Coffee <= 1.7 versions.
|
Critical
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2025-69122
|
|
Unauthenticated PHP Object Injection in SeaFood Company <= 1.4 versions.
Unauthenticated PHP Object Injection in SeaFood Company <= 1.4 versions.
|
Critical
|
PHP
Cwe 502
|
il y a 2 semaines
|
|
CVE-2025-60205
|
|
Unauthenticated PHP Object Injection in ThemeREX Addons <= 2.36.1.1 versions.
Unauthenticated PHP Object Injection in ThemeREX Addons <= 2.36.1.1 versions.
|
Critical
|
PHP
Cwe 502
|
il y a 2 semaines
|