Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-502

CWE-502

Medium likelihood

Deserialization of Untrusted Data

Parent: CWE-913 - Improper Control of Dynamically-Managed Code Resources

The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.

2,809 vulnerabilities with CWE-502

CVE-2025-60245 CRITICAL

WP User Manager <2.9.12 - Code Injection

CVE-2025-58998 CRITICAL

s2Member <= 250701 - PHP Object Injection via Untrusted Data Deserialization

CVE-2025-58636 CRITICAL

WP Gravity Forms Keap/Infusionsoft <1.2.4 - Object Injection

CVE-2025-58619 HIGH

sbouey Falang <1.3.65 - Code Injection

CVE-2025-58592 HIGH

TranslatePress <2.10.2 - Code Injection

CVE-2025-54719 HIGH

NooTheme Yogi <2.9.2 - Code Injection

CVE-2025-53586 HIGH

NooTheme WeMusic <1.9.2 - Code Injection

CVE-2025-53242 CRITICAL

VictorThemes Seil <=1.7.1 - Object Injection

CVE-2025-49393 CRITICAL

Fetch Designs Sign-up-Sheets <2.3.2 - Code Injection

CVE-2025-49386 HIGH

Preserve Code Formatting <4.0.1 - Object Injection

CVE-2025-48086 MEDIUM

wpdreams Ajax Search Lite <4.13.3 - Code Injection

CVE-2025-64164 CRITICAL

Dataease < 2.10.15 - JNDI Injection via JDBC Connection

CVE-2025-8871 MEDIUM

Everest Forms (Pro) <1.9.7 - Code Injection

CVE-2025-64353 HIGH

Chouby Polylang <3.7.3 - Code Injection

CVE-2025-63675 MEDIUM

cryptidy < 1.2.4 - Remote Code Execution via Pickle Deserialization

CVE-2025-12058 MEDIUM

Keras < 3.12.0 - Arbitrary Local File Read and Server-Side Request Forgery via StringLookup Layer

CVE-2025-62368 CRITICAL

taiga-back < 6.9.0 - Remote Code Execution via Unsafe Deserialization

CVE-2025-12305 MEDIUM

shiyi-blog < 1.2.1 - Remote Code Execution via Deserialization in Job Handler

CVE-2025-34292 CRITICAL

BeWelcome Rox < c60bf04 - Remote Code Execution via PHP Object Injection

CVE-2025-46183 HIGH

pgCodeKeeper 10.12.0 - Code Injection

CVE-2025-62025 CRITICAL

eyecix JobSearch < 3.0.8 - Deserialization

CVE-2025-62008 HIGH

Product Table For WooCommerce <1.2.5 - Deserialization

CVE-2025-60238 CRITICAL

universam <8.72.34 - Code Injection

CVE-2025-60234 HIGH

designthemes Single Property <= 2.8 - Code Injection

CVE-2025-60232 CRITICAL

quantumcloud KBx Pro Ultimate <8.0.5 - Code Injection

Previous Page 26 of 113 Next

Details

Vulnerabilities 2,809

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy