Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-502 (可信数据的反序列化) — Vulnerability Class 1676

1676 vulnerabilities classified as CWE-502 (可信数据的反序列化). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-53243 WordPress Employee Directory – Staff Listing & Team Directory plugin for WordPress plugin <= 4.5.5 - PHP Object Injection vulnerability — Employee Directory – Staff Listing & Team Directory Plugin for WordPress 8.1 High2025-08-28
CVE-2025-52761 WordPress WP Funnel Manager Plugin <= 1.4.0 - PHP Object Injection Vulnerability — WP Funnel Manager 9.8 Critical2025-08-28
CVE-2024-13980 H3C Intelligent Management Center (iMC) /byod/index.xhtml RCE — Intelligent Management Center (iMC) 9.8AICriticalAI2025-08-27
CVE-2025-58218 WordPress Small Package Quotes – USPS Edition Plugin <= 1.3.9 - PHP Object Injection Vulnerability — Small Package Quotes – USPS Edition 7.2 High2025-08-27
CVE-2025-57773 Dataease DB2 Aspectweaver Deserialization Arbitrary File Write Vulnerability — dataease 8.8AIHighAI2025-08-25
CVE-2025-54923 Schneider Electric EcoStruxure Power Monitoring Expert和EcoStruxure Power Operation AdvancedReporting and Dashboards Module 代码问题漏洞 — EcoStruxure™ Power Monitoring Expert (PME) 8.8AIHighAI2025-08-20
CVE-2025-49434 WordPress Cars4Rent Theme <= 1.4.2 - PHP Object Injection Vulnerability — Cars4Rent 9.8 Critical2025-08-20
CVE-2025-49438 WordPress Simple Login Log plugin <= 1.1.3 - PHP Object Injection vulnerability — Simple Login Log 8.1 High2025-08-20
CVE-2025-49890 WordPress Organic Beauty Theme <= 1.4.6 - PHP Object Injection Vulnerability — Organic Beauty 9.8 Critical2025-08-20
CVE-2025-53299 WordPress ThemeMakers Visual Content Composer Plugin <= 1.5.8 - PHP Object Injection Vulnerability — ThemeMakers Visual Content Composer 9.8 Critical2025-08-20
CVE-2025-53560 WordPress Noisa theme <= 2.6.0 - PHP Object Injection Vulnerability — Noisa 8.8 High2025-08-20
CVE-2025-54007 WordPress Post Grid and Gutenberg Blocks Plugin <= 2.3.11 - PHP Object Injection Vulnerability — Post Grid and Gutenberg Blocks 8.8 High2025-08-20
CVE-2025-54012 WordPress Welcart e-Commerce Plugin <= 2.11.16 - PHP Object Injection Vulnerability — Welcart e-Commerce 7.2 High2025-08-20
CVE-2025-54014 WordPress MediCenter - Health Medical Clinic <= 15.1 - PHP Object Injection Vulnerability — MediCenter - Health Medical Clinic 9.8 Critical2025-08-20
CVE-2025-54053 WordPress Groundhogg plugin <= 4.2.2 - PHP Object Injection vulnerability — Groundhogg 6.6 Medium2025-08-20
CVE-2025-8289 Redirection for Contact Form 7 <= 3.2.4 - Unauthenticated PHP Object Injection via PHAR Deserialization — Redirection for Contact Form 7 7.5 High2025-08-20
CVE-2025-8145 Redirection for Contact Form 7 <= 3.2.4 - Unauthenticated PHP Object Injection — Redirection for Contact Form 7 8.8 High2025-08-20
CVE-2025-8875 Insecure Deserialization Vulnerability — N-central 7.8AIHighAI2025-08-14
CVE-2025-8963 jeecgboot JimuReport Data Large Screen Template testConnection deserialization — JimuReport 6.3 Medium2025-08-14
CVE-2025-54686 WordPress Exertio Theme <= 1.3.2 - PHP Object Injection Vulnerability — Exertio 9.8 Critical2025-08-14
CVE-2025-47536 WordPress Content Egg plugin <= 7.0.0 - PHP Object Injection Vulnerability — Content Egg 7.2 High2025-08-14
CVE-2025-49869 WordPress Eventin Plugin <= 4.0.31 - PHP Object Injection Vulnerability — Eventin 8.8 High2025-08-14
CVE-2025-23303 NVIDIA NeMo Framework 代码问题漏洞 — NVIDIA NeMo Framework 7.8 High2025-08-13
CVE-2025-2180 Checkov by Prisma Cloud: Unsafe Deserialization of Terraform Files Allows Code Execution — Checkov by Prisma Cloud 8.8AIHighAI2025-08-13
CVE-2025-34153 Hyland OnBase < 17.0.2.87 .NET Remoting TCP Channel Unauthenticated RCE — OnBase 9.8AICriticalAI2025-08-13
CVE-2025-7384 Database for Contact Form 7, WPforms, Elementor forms <= 1.4.3 - Unauthenticated PHP Object Injection to Arbitrary File Deletion — Database for Contact Form 7, WPforms, Elementor forms 9.8 Critical2025-08-13
CVE-2025-49712 Microsoft SharePoint Remote Code Execution Vulnerability — Microsoft SharePoint Enterprise Server 2016 8.8 High2025-08-12
CVE-2025-53772 Web Deploy Remote Code Execution Vulnerability — Web Deploy 4.0 8.8 High2025-08-12
CVE-2025-55010 Kanboard Authenticated Admin Remote Code Execution via Unsafe Deserialization of Events — kanboard 9.1 Critical2025-08-12
CVE-2025-40759 Siemens多款产品 代码问题漏洞 — SIMATIC S7-PLCSIM V17 7.8 High2025-08-12

Vulnerabilities classified as CWE-502 (可信数据的反序列化) represent 1676 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.