Search
Search Results (2929 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-39577 | 2 Elated-themes, Wordpress | 2 Playroom, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated PHP Object Injection in Playroom <= 1.4.1 versions. | ||||
| CVE-2026-39578 | 2 Elated-themes, Wordpress | 2 Valiance, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated PHP Object Injection in Valiance <= 1.2 versions. | ||||
| CVE-2026-39580 | 2 Select-themes, Wordpress | 2 Micdrop, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated PHP Object Injection in Micdrop <= 1.3.1 versions. | ||||
| CVE-2026-40751 | 2 Mikado-themes, Wordpress | 2 Ashtanga, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated PHP Object Injection in Ashtanga <= 1.2 versions. | ||||
| CVE-2026-40755 | 2 Mikado-themes, Wordpress | 2 Techlink, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated PHP Object Injection in TechLink <= 1.3 versions. | ||||
| CVE-2026-40758 | 2 Elated-themes, Wordpress | 2 Léonie, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated PHP Object Injection in Léonie <= 1.2.1 versions. | ||||
| CVE-2026-40759 | 2 Mikado-themes, Wordpress | 2 Esmée, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated PHP Object Injection in Esmée <= 1.4 versions. | ||||
| CVE-2026-40735 | 2 Edge-themes, Wordpress | 2 Reina, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated PHP Object Injection in Reina <= 2.1 versions. | ||||
| CVE-2025-69111 | 2 Themerex, Wordpress | 2 Reisen, Wordpress | 2026-06-26 | 9.8 Critical |
| Unauthenticated PHP Object Injection in Reisen <= 1.4.1 versions. | ||||
| CVE-2025-69127 | 2 Themerex, Wordpress | 2 Plumbing, Wordpress | 2026-06-26 | 9.8 Critical |
| Unauthenticated PHP Object Injection in Plumbing <= 1.6 versions. | ||||
| CVE-2026-39556 | 2 Elated-themes, Wordpress | 2 Konsept, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated PHP Object Injection in Konsept <= 1.9 versions. | ||||
| CVE-2026-39560 | 2 Select-themes, Wordpress | 2 Hiroshi, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated PHP Object Injection in Hiroshi <= 1.5.1 versions. | ||||
| CVE-2026-39576 | 2 Elated-themes, Wordpress | 2 Singlemalt, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated PHP Object Injection in SingleMalt <= 1.5 versions. | ||||
| CVE-2026-40733 | 2 Mikado-themes, Wordpress | 2 Shiftup, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated PHP Object Injection in ShiftUp <= 1.3 versions. | ||||
| CVE-2026-40756 | 2 Mikado-themes, Wordpress | 2 Zoya, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated PHP Object Injection in Zoya <= 1.4 versions. | ||||
| CVE-2026-40757 | 2 Mikado-themes, Wordpress | 2 Château, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated PHP Object Injection in Château <= 1.2.1 versions. | ||||
| CVE-2026-10043 | 1 Mosaicml | 1 Composer | 2026-06-26 | N/A |
| MosaicML Composer Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MosaicML Composer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of checkpoints. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27990. | ||||
| CVE-2026-9691 | 2 Crm Perks, Wordpress | 2 Integration For Mailchimp And Contact Form 7, Wpforms, Elementor, Ninja Forms, Wordpress | 2026-06-26 | 9.8 Critical |
| Unauthenticated PHP Object Injection in Integration for ActiveCampaign and Contact Form 7, WPForms, Elementor, Ninja Forms <= 1.1.1 versions. | ||||
| CVE-2026-27053 | 2 Videowhisper, Wordpress | 2 Broadcast Live Video, Wordpress | 2026-06-26 | 9.8 Critical |
| Unauthenticated PHP Object Injection in Broadcast Live Video < 7.1.3 versions. | ||||
| CVE-2026-39532 | 2 Stiofansisland, Wordpress | 2 Events Calendar For Geodirectory, Wordpress | 2026-06-26 | 8.8 High |
| Contributor PHP Object Injection in Events Calendar for GeoDirectory <= 2.3.25 versions. | ||||