Vulnerabilities > Deserialization of Untrusted Data
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-04 | CVE-2024-10749 | Deserialization of Untrusted Data vulnerability in Thinkadmin A vulnerability, which was classified as critical, was found in ThinkAdmin up to 6.1.67. | 8.1 |
| 2024-10-28 | CVE-2024-50408 | Deserialization of Untrusted Data vulnerability in Kibokolabs Namaste! LMS Deserialization of Untrusted Data vulnerability in Kiboko Labs Namaste! LMS allows Object Injection.This issue affects Namaste! LMS: from n/a through 2.6.3. | 8.8 |
| 2024-10-28 | CVE-2024-50416 | Deserialization of Untrusted Data vulnerability in Wpclever WPC Shop AS a Customer for Woocommerce Deserialization of Untrusted Data vulnerability in WPClever WPC Shop as a Customer for WooCommerce allows Object Injection.This issue affects WPC Shop as a Customer for WooCommerce: from n/a through 1.2.6. | 8.8 |
| 2024-10-20 | CVE-2024-49332 | Deserialization of Untrusted Data vulnerability in Giveawayboost Giveaway Boost Deserialization of Untrusted Data vulnerability in Giveaway Boost allows Object Injection.This issue affects Giveaway Boost: from n/a through 2.1.4. | 9.8 |
| 2024-10-20 | CVE-2024-49624 | Deserialization of Untrusted Data vulnerability in Smartdevth Advanced Advertising System Deserialization of Untrusted Data vulnerability in Smartdevth Advanced Advertising System allows Object Injection.This issue affects Advanced Advertising System: from n/a through 1.3.1. | 9.8 |
| 2024-10-20 | CVE-2024-49625 | Deserialization of Untrusted Data vulnerability in Brandonclark Sitebuilder Dynamic Components Deserialization of Untrusted Data vulnerability in Brandon Clark SiteBuilder Dynamic Components allows Object Injection.This issue affects SiteBuilder Dynamic Components: from n/a through 1.0. | 9.8 |
| 2024-10-20 | CVE-2024-49626 | Deserialization of Untrusted Data vulnerability in Piyushmca Shipyaari Shipping Management Deserialization of Untrusted Data vulnerability in Piyushmca Shipyaari Shipping Management allows Object Injection.This issue affects Shipyaari Shipping Management: from n/a through 1.2. | 9.8 |
| 2024-10-18 | CVE-2024-10079 | Deserialization of Untrusted Data vulnerability in Newsignature WP Easy Post Types The WP Easy Post Types plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.4.4 via deserialization of untrusted input from the 'text' parameter in the 'ajax_import_content' function. | 8.8 |
| 2024-10-16 | CVE-2021-4451 | Deserialization of Untrusted Data vulnerability in Nintechnet Ninjafirewall The NinjaFirewall plugin for WordPress is vulnerable to Authenticated PHAR Deserialization in versions up to, and including, 4.3.3. | 7.2 |
| 2024-10-16 | CVE-2024-9634 | The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.16.3 via deserialization of untrusted input from the give_company_name parameter. | 9.8 |