Falhas do tipo CWE-502

2.276 resultados
CVE-2025-6279MEDIUMUpsonic Pickle add_tool cloudpickle.loads deserializationEPSS 0.5%CVE-2025-53299CRITICALWordPress ThemeMakers Visual Content Composer Plugin <= 1.5.8 - PHP Object Injection VulnerabilityEPSS 0.5%CVE-2026-57527HIGHZAP ViewState Add-on Insecure Deserialization via JSFViewState.decode()EPSS 0.5%CVE-2025-2376MEDIUMviames Pair Framework PHP Object UserRemember.php getCookieContent deserializationEPSS 0.5%CVE-2025-2939MEDIUMNinja Tables – Easy Data Table Builder <= 5.0.18 - Unauthenticated PHP Object Injection to Limited Remote Code ExecutionEPSS 0.5%CVE-2026-7647HIGHProfile Builder Pro <= 3.14.5 - Unauthenticated PHP Object InjectionEPSS 0.5%CVE-2025-24777HIGHWordPress Hillter theme <= 3.0.7 - PHP Object Injection VulnerabilityEPSS 0.5%CVE-2025-24779HIGHWordPress Yogi theme < 2.9.3 - PHP Object Injection VulnerabilityEPSS 0.5%CVE-2025-30618CRITICALWordPress Rapyd Payment Extension for WooCommerce plugin <= 1.2.0 - PHP Object Injection VulnerabilityEPSS 0.5%CVE-2025-31919CRITICALWordPress Spare <= 1.7 - PHP Object Injection VulnerabilityEPSS 0.5%CVE-2025-28970CRITICALWordPress WP Optimize By xTraffic plugin <= 5.1.6 - PHP Object Injection VulnerabilityEPSS 0.5%CVE-2025-12305MEDIUMquequnlong shiyi-blog Job SysJobController.java deserializationEPSS 0.5%CVE-2025-14476HIGHDoubly <= 1.0.46 - Authenticated (Subscriber+) PHP Object Injection via ZIP File ImportEPSS 0.5%CVE-2025-48780CRITICALSoar Cloud HRD Human Resource Management System - Deserialization of Untrusted DataEPSS 0.5%CVE-2026-1426HIGHAdvanced AJAX Product Filters <= 3.1.9.6 - Authenticated (Author+) PHP Object Injection via Live Composer CompatibilityEPSS 0.5%CVE-2025-58636CRITICALWordPress WP Gravity Forms Keap/Infusionsoft Plugin <= 1.2.3 - Deserialization of untrusted data VulnerabilityEPSS 0.5%CVE-2025-53242CRITICALWordPress Seil Theme <= 1.7.1 - Deserialization of untrusted data VulnerabilityEPSS 0.5%CVE-2025-49380CRITICALWordPress WooCommerce Vehicle Parts Finder plugin <= 3.7 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-60210CRITICALWordPress Everest Forms - Frontend Listing plugin <= 1.0.5 - PHP Object Injection VulnerabilityEPSS 0.5%CVE-2025-58998CRITICALWordPress s2Member Plugin <= 250701 - PHP Object Injection VulnerabilityEPSS 0.5%