Vulnerabilities > Deserialization of Untrusted Data

DATE	CVE	VULNERABILITY TITLE	RISK
2024-02-12	CVE-2024-23512	Deserialization of Untrusted Data vulnerability in Wpxpo Wowstore Deserialization of Untrusted Data vulnerability in wpxpo ProductX – WooCommerce Builder & Gutenberg WooCommerce Blocks.This issue affects ProductX – WooCommerce Builder & Gutenberg WooCommerce Blocks: from n/a through 3.1.4. network low complexity wpxpo CWE-502 critical	9.8
2024-02-12	CVE-2024-23513	Deserialization of Untrusted Data vulnerability in Wp-Property-Hive Propertyhive Deserialization of Untrusted Data vulnerability in PropertyHive.This issue affects PropertyHive: from n/a through 2.0.5. network low complexity wp-property-hive CWE-502 critical	9.8
2024-02-12	CVE-2024-24796	Deserialization of Untrusted Data vulnerability in Mage-People Event Manager and Tickets Selling for Woocommerce Deserialization of Untrusted Data vulnerability in MagePeople Team Event Manager and Tickets Selling Plugin for WooCommerce – WpEvently – WordPress Plugin.This issue affects Event Manager and Tickets Selling Plugin for WooCommerce – WpEvently – WordPress Plugin: from n/a through 4.1.1. network low complexity mage-people CWE-502	8.8
2024-02-12	CVE-2024-24797	Deserialization of Untrusted Data vulnerability in G5Plus ERE Recently Viewed Deserialization of Untrusted Data vulnerability in G5Theme ERE Recently Viewed – Essential Real Estate Add-On.This issue affects ERE Recently Viewed – Essential Real Estate Add-On: from n/a through 1.3. network low complexity g5plus CWE-502 critical	9.8
2024-02-12	CVE-2024-24926	Deserialization of Untrusted Data vulnerability in Unitedthemes Brooklyn 4.9.7.6 Deserialization of Untrusted Data vulnerability in UnitedThemes Brooklyn \| Creative Multi-Purpose Responsive WordPress Theme.This issue affects Brooklyn \| Creative Multi-Purpose Responsive WordPress Theme: from n/a through 4.9.7.6. network low complexity unitedthemes CWE-502	8.8
2024-02-12	CVE-2024-25100	Deserialization of Untrusted Data vulnerability in Wpswings Coupon Referral Program 1.7.2 Deserialization of Untrusted Data vulnerability in WP Swings Coupon Referral Program.This issue affects Coupon Referral Program: from n/a through 1.7.2. network low complexity wpswings CWE-502 critical	9.8
2024-02-09	CVE-2024-1353	Deserialization of Untrusted Data vulnerability in PHPems 1.0 A vulnerability, which was classified as critical, has been found in PHPEMS up to 1.0. network low complexity phpems CWE-502 critical	9.8
2024-02-06	CVE-2024-24590	Deserialization of Untrusted Data vulnerability in Clear Clearml Deserialization of untrusted data can occur in versions 0.17.0 to 1.14.2 of the client SDK of Allegro AI’s ClearML platform, enabling a maliciously uploaded artifact to run arbitrary code on an end user’s system when interacted with. network low complexity clear CWE-502	8.8
2024-02-05	CVE-2024-0668	Deserialization of Untrusted Data vulnerability in Sigmaplugin Advanced Database Cleaner The Advanced Database Cleaner plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.1.3 via deserialization of untrusted input in the 'process_bulk_action' function. network low complexity sigmaplugin CWE-502	7.2
2024-02-05	CVE-2023-6933	Deserialization of Untrusted Data vulnerability in Wpengine Better Search Replace The Better Search Replace plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.4 via deserialization of untrusted input. network low complexity wpengine CWE-502 critical	9.8