Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-502 (可信数据的反序列化) — Vulnerability Class 1677

1677 vulnerabilities classified as CWE-502 (可信数据的反序列化). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-45845 WordPress Smart Slider 3 Plugin <= 3.5.1.9 is vulnerable to PHP Object Injection — Smart Slider 3 4.3 Medium2024-01-19
CVE-2022-45083 WordPress ProfilePress Plugin <= 4.3.2 is vulnerable to PHP Object Injection — Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress 6.6 Medium2024-01-19
CVE-2024-0654 DeepFaceLab Util.py deserialization — DeepFaceLab 5.3 Medium2024-01-18
CVE-2024-0603 ZhiCms giftcontroller.php deserialization — ZhiCms 7.3 High2024-01-16
CVE-2023-7032 Schneider Electric Easergy Studio 代码问题漏洞 — Easergy Studio 7.8 High2024-01-09
CVE-2024-21318 Microsoft SharePoint Server Remote Code Execution Vulnerability — Microsoft SharePoint Enterprise Server 2016 8.8 High2024-01-09
CVE-2023-52202 WordPress HTML5 MP3 Player with Folder Feedburner Plugin <= 2.8.0 is vulnerable to PHP Object Injection — HTML5 MP3 Player with Folder Feedburner Playlist Free 9.1 Critical2024-01-08
CVE-2023-52206 WordPress Page Builder: Live Composer Plugin <= 1.5.25 is vulnerable to PHP Object Injection — Page Builder: Live Composer 7.7 High2024-01-08
CVE-2023-52205 WordPress HTML5 SoundCloud Player Plugin <= 2.8.0 is vulnerable to PHP Object Injection — HTML5 SoundCloud Player with Playlist Free 9.1 Critical2024-01-08
CVE-2023-52207 WordPress HTML5 MP3 Player with Playlist Free Plugin <= 3.0.0 is vulnerable to PHP Object Injection — HTML5 MP3 Player with Playlist Free 9.1 Critical2024-01-08
CVE-2023-52218 WordPress WooCommerce Tranzila Gateway Plugin <= 1.0.8 is vulnerable to PHP Object Injection — Woocommerce Tranzila Payment Gateway 10.0 Critical2024-01-08
CVE-2023-52219 WordPress Gecka Terms Thumbnails Plugin <= 1.1 is vulnerable to PHP Object Injection — Gecka Terms Thumbnails 9.9 Critical2024-01-08
CVE-2023-52225 WordPress Taggbox Plugin <= 3.1 is vulnerable to PHP Object Injection — Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics 10.0 Critical2024-01-08
CVE-2024-0302 fhs-opensource iparking vueLogin deserialization — iparking 6.3 Medium2024-01-08
CVE-2023-51785 Apache InLong: Arbitrary File Read Vulnerability in Apache InLong Manager — Apache InLong 7.5AIHighAI2024-01-03
CVE-2023-49777 WordPress YITH WooCommerce Product Add-Ons Plugin <= 4.3.0 is vulnerable to PHP Object Injection — YITH WooCommerce Product Add-Ons 9.1 Critical2023-12-31
CVE-2023-52181 WordPress Theme per user Plugin <= 1.0.1 is vulnerable to PHP Object Injection — Theme per user 10.0 Critical2023-12-31
CVE-2023-52182 WordPress ARI Stream Quiz Plugin <= 1.3.0 is vulnerable to PHP Object Injection — ARI Stream Quiz – WordPress Quizzes Builder 9.9 Critical2023-12-31
CVE-2023-51414 WordPress EnvíaloSimple Plugin <= 2.1 is vulnerable to PHP Object Injection — EnvíaloSimple: Email Marketing y Newsletters 9.6 Critical2023-12-29
CVE-2023-51422 WordPress WebinarIgnition Plugin <= 3.05.0 is vulnerable to PHP Object Injection — Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition 9.9 Critical2023-12-29
CVE-2023-51470 WordPress Rencontre – Dating Site Plugin <= 3.11.1 is vulnerable to PHP Object Injection — Rencontre – Dating Site 9.9 Critical2023-12-29
CVE-2023-51505 WordPress Active Products Tables for WooCommerce Plugin <= 1.0.6 is vulnerable to PHP Object Injection — Active Products Tables for WooCommerce. Professional products tables for WooCommerce store 10.0 Critical2023-12-29
CVE-2023-32513 WordPress GiveWP Plugin <= 2.25.3 is vulnerable to PHP Object Injection — GiveWP – Donation Plugin and Fundraising Platform 7.5 High2023-12-28
CVE-2023-32795 WordPress WooCommerce Product Add-ons Plugin <= 6.1.3 is vulnerable to PHP Object Injection — Product Add-Ons 8.2 High2023-12-28
CVE-2023-36381 WordPress Zippy Plugin <= 1.6.5 is vulnerable to PHP Object Injection — Zippy 6.6 Medium2023-12-28
CVE-2023-51700 WP-Mobile-BankID-Integration WordPress Database Deserialization: Potential for Object Injection — WP-Mobile-BankID-Integration 6.4 Medium2023-12-27
CVE-2023-32242 WordPress Woodmart Core Plugin <= 1.0.36 is vulnerable to PHP Object Injection — WoodMart - Multipurpose WooCommerce Theme 9.8 Critical2023-12-21
CVE-2023-49778 WordPress Sayfa Sayaç Plugin <= 2.6 is vulnerable to PHP Object Injection — Sayfa Sayac 10.0 Critical2023-12-21
CVE-2023-49826 WordPress Soledad Theme <= 8.4.1 is vulnerable to PHP Object Injection — Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme 8.1 High2023-12-21
CVE-2023-51656 Apache IoTDB: Unsafe deserialize map in Sync Tool — Apache IoTDB 9.8AICriticalAI2023-12-21

Vulnerabilities classified as CWE-502 (可信数据的反序列化) represent 1677 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.