Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-502

CWE-502

Medium likelihood

Deserialization of Untrusted Data

Parent: CWE-913 - Improper Control of Dynamically-Managed Code Resources

The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.

2,593 vulnerabilities with CWE-502

CVE-2026-32507 MEDIUM

WordPress Leroux theme < 1.4 - Arbitrary Object Instantiation vulnerability

CVE-2026-32506 MEDIUM

WordPress Archicon theme < 1.7 - Arbitrary Object Instantiation vulnerability

CVE-2026-32502 CRITICAL

WordPress Borgholm theme < 1.6 - PHP Object Injection vulnerability

CVE-2026-32484 HIGH

WordPress weForms plugin <= 1.6.26 - PHP Object Injection vulnerability

CVE-2026-27095 CRITICAL

WordPress Bus Ticket Booking with Seat Reservation plugin <= 5.6.0 - PHP Object Injection vulnerability

CVE-2026-27084 CRITICAL

WordPress Buisson theme <= 1.1.11 - PHP Object Injection vulnerability

CVE-2026-27083 CRITICAL

WordPress Work & Travel Company theme <= 1.2 - PHP Object Injection vulnerability

CVE-2026-27082 CRITICAL

WordPress Love Story theme <= 1.3.12 - PHP Object Injection vulnerability

CVE-2026-27045 HIGH

WordPress WooCommerce Infinite Scroll plugin <= 1.6.2 - PHP Object Injection vulnerability

CVE-2026-25429 CRITICAL

WordPress Nexa Blocks plugin <= 1.1.1 - PHP Object Injection vulnerability

CVE-2026-25400 HIGH

WordPress Apicona theme <= 24.1.0 - PHP Object Injection vulnerability

CVE-2026-25360 HIGH

WordPress Vex theme < 1.2.9 - PHP Object Injection vulnerability

CVE-2026-25359 HIGH

WordPress Pendulum theme < 3.1.5 - PHP Object Injection vulnerability

CVE-2026-25358 HIGH

WordPress Meloo theme < 2.8.2 - PHP Object Injection vulnerability

CVE-2026-25032 CRITICAL

WordPress Ricky theme < 2.31 - PHP Object Injection vulnerability

CVE-2026-25031 CRITICAL

WordPress Tasty Daily theme < 1.27 - PHP Object Injection vulnerability

CVE-2026-25030 CRITICAL

WordPress Goldish theme < 3.47 - PHP Object Injection vulnerability

CVE-2026-25029 CRITICAL

WordPress KIDZ theme <= 5.24 - PHP Object Injection vulnerability

CVE-2026-24989 CRITICAL

WordPress SUMO Affiliates Pro plugin < 11.4.0 - PHP Object Injection vulnerability

CVE-2026-24981 HIGH

WordPress Visionary Core plugin <= 1.4.9 - PHP Object Injection vulnerability

CVE-2026-24978 HIGH

WordPress Jobica Core plugin <= 1.4.1 - PHP Object Injection vulnerability

CVE-2026-24976 HIGH

WordPress Organici Library plugin <= 2.1.2 - PHP Object Injection vulnerability

CVE-2026-24974 HIGH

WordPress CitiLights theme <= 3.7.1 - PHP Object Injection vulnerability

CVE-2026-24378 CRITICAL

WordPress EventPrime plugin <= 4.2.8.0 - PHP Object Injection vulnerability

CVE-2026-23971 HIGH

WordPress WoodMart theme <= 8.3.8 - PHP Object Injection vulnerability

Previous Page 4 of 104 Next

Details

Vulnerabilities 2,593

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy