Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-502 (可信数据的反序列化) — Vulnerability Class 1675

1675 vulnerabilities classified as CWE-502 (可信数据的反序列化). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-58998 WordPress s2Member Plugin <= 250701 - PHP Object Injection Vulnerability — s2Member 9.8 Critical2025-11-06
CVE-2025-58636 WordPress WP Gravity Forms Keap/Infusionsoft Plugin <= 1.2.3 - Deserialization of untrusted data Vulnerability — WP Gravity Forms Keap/Infusionsoft 9.8 Critical2025-11-06
CVE-2025-58619 WordPress Falang multilanguage Plugin <= 1.3.65 - PHP Object Injection Vulnerability — Falang multilanguage 8.8 High2025-11-06
CVE-2025-58592 WordPress TranslatePress Plugin <= 2.10.2 - Deserialization of untrusted data Vulnerability — TranslatePress 8.1 High2025-11-06
CVE-2025-54719 WordPress Yogi - Health Beauty & Yoga Theme <= 2.9.2 - Deserialization of untrusted data Vulnerability — Yogi - Health Beauty & Yoga 8.8 High2025-11-06
CVE-2025-53586 WordPress WeMusic Theme <= 1.9.1 - PHP Object Injection Vulnerability — WeMusic 8.8 High2025-11-06
CVE-2025-53242 WordPress Seil Theme <= 1.7.1 - Deserialization of untrusted data Vulnerability — Seil 9.8 Critical2025-11-06
CVE-2025-49393 WordPress Sign-up Sheets Plugin <= 2.3.2 - PHP Object Injection Vulnerability — Sign-up Sheets 9.8 Critical2025-11-06
CVE-2025-49386 WordPress Preserve Code Formatting Plugin <= 4.0.1 - PHP Object Injection Vulnerability — Preserve Code Formatting 8.8 High2025-11-06
CVE-2025-48086 WordPress Ajax Search Lite plugin <= 4.13.3 - PHP Object Injection vulnerability — Ajax Search Lite 5.5 Medium2025-11-06
CVE-2025-64164 DataEase is vulnerable to Oracle JNDI Injection — dataease 8.1 -2025-11-06
CVE-2025-8871 Everest Forms (Pro) <= 1.9.7 - Unauthenticated PHP Object Injection via PHAR Deserialization in Form Signature — Everest Forms Pro 5.6 Medium2025-11-05
CVE-2025-64353 WordPress Polylang plugin <= 3.7.3 - Deserialization of untrusted data vulnerability — Polylang 8.8 High2025-10-31
CVE-2025-63675 cryptidy 安全漏洞 — cryptidy 6.9 Medium2025-10-31
CVE-2025-12058 Vulnerability in Keras Model.load_model Leading to Arbitrary Local File Loading and SSRF — Keras 7.5AIHighAI2025-10-29
CVE-2025-62368 Taiga Authenticated Remote Code Execution — taiga-back 9.1 Critical2025-10-28
CVE-2025-12305 quequnlong shiyi-blog Job SysJobController.java deserialization — shiyi-blog 6.3 Medium2025-10-27
CVE-2025-34292 BeWelcome/Rox PHP Object Injection RCE — Rox 9.8AICriticalAI2025-10-27
CVE-2025-62025 WordPress JobSearch plugin < 3.0.8 - PHP Object Injection vulnerability — JobSearch 9.8 Critical2025-10-22
CVE-2025-62008 WordPress Product Table For WooCommerce plugin <= 1.2.4 - PHP Object Injection vulnerability — Product Table For WooCommerce 8.8 High2025-10-22
CVE-2025-60234 WordPress Single Property theme <= 2.8 - PHP Object Injection vulnerability — Single Property 8.8 High2025-10-22
CVE-2025-60238 WordPress UNIVERSAM plugin <= 9.04.02 - PHP Object Injection vulnerability — UNIVERSAM 9.8 Critical2025-10-22
CVE-2025-60232 WordPress KBx Pro Ultimate plugin <= 8.0.5 - PHP Object Injection vulnerability — KBx Pro Ultimate 9.8 Critical2025-10-22
CVE-2025-60228 WordPress Knowledge Base theme <= 2.9 - PHP Object Injection vulnerability — Knowledge Base 8.8 High2025-10-22
CVE-2025-60226 WordPress White Rabbit theme <= 1.5.2 - PHP Object Injection vulnerability — White Rabbit 9.8 Critical2025-10-22
CVE-2025-60224 WordPress Subscribe to Download plugin <= 2.0.9 - PHP Object Injection vulnerability — Subscribe to Download 9.8 Critical2025-10-22
CVE-2025-60225 WordPress BugsPatrol theme <= 1.5.0 - PHP Object Injection vulnerability — BugsPatrol 9.8 Critical2025-10-22
CVE-2025-60221 WordPress Captivate Sync Plugin <= 3.0.3 - PHP Object Injection Vulnerability — Captivate Sync 9.8 Critical2025-10-22
CVE-2025-60214 WordPress Goldenblatt theme < 1.3.0 - PHP Object Injection vulnerability — Goldenblatt 9.8 Critical2025-10-22
CVE-2025-60213 WordPress Scape theme <= 1.5.13 - PHP Object Injection vulnerability — Scape 9.8 Critical2025-10-22

Vulnerabilities classified as CWE-502 (可信数据的反序列化) represent 1675 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.