Incorrect Privilege Assignment vulnerability in Themewinter Eventin allows Privilege Escalation.0.26. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 28.9% and no vendor patch available.
Weak Password Recovery Mechanism for Forgotten Password vulnerability in Gilblas Ngunte Possi PSW Front-end Login & Registration allows Password Recovery Exploitation.13. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An Out of Bounds Write occurs when the native library attempts PDF rendering, which can be exploited to achieve memory corruption and potentially arbitrary code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PrinterShare Android application allows the capture of Gmail authentication tokens that can be reused to access a user's Gmail account without proper authorization. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Unrestricted Upload of File with Dangerous Type vulnerability in StoreKeeper B.V. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Unrestricted Upload of File with Dangerous Type vulnerability in Ajar Productions Ajar in5 Embed allows Upload a Web Shell to a Web Server.1.5. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Unrestricted Upload of File with Dangerous Type vulnerability in printcart Printcart Web to Print Product Designer for WooCommerce allows Upload a Web Shell to a Web Server.3.8. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Unrestricted Upload of File with Dangerous Type vulnerability in STAGGS STAGGS allows Upload a Web Shell to a Web Server.11.0. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Authenticated remote attackers can upload malicious PHP web shells to mojoomla Hospital Management System versions 47.0(20) through 11, achieving remote code execution with server privileges. The CVSS:3.1 vector (AV:N/AC:L/PR:L/UI:N/S:C) reflects network-based exploitation requiring only low-privileged authentication, with scope change indicating potential container/hosting escape. EPSS score of 0.32% (55th percentile) suggests low probability of mass exploitation despite critical severity. Patchstack reported this CWE-434 file upload vulnerability, with exploit scenario involving authenticated upload of PHP backdoor to achieve persistent server compromise.
Unrestricted Upload of File with Dangerous Type vulnerability in ELEXtensions ELEX WordPress HelpDesk & Customer Ticketing System allows Upload a Web Shell to a Web Server.2.7. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Unrestricted Upload of File with Dangerous Type vulnerability in wordwebsoftware Crossword Compiler Puzzles allows Upload a Web Shell to a Web Server.2. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WPFable Fable Extra allows PHP Local File Inclusion.0.6. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Deserialization of Untrusted Data vulnerability in AncoraThemes Kids Planet allows Object Injection.2.14. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Deserialization of Untrusted Data vulnerability in Pagaleve Pix 4x sem juros - Pagaleve allows Object Injection.6.9. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Deserialization of Untrusted Data vulnerability in ZoomIt ZoomSounds allows Object Injection.91. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Deserialization of Untrusted Data vulnerability in CoinPayments CoinPayments.net Payment Gateway for WooCommerce allows Object Injection.net Payment Gateway for WooCommerce: from n/a through 1.0.17. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Deserialization of Untrusted Data vulnerability in WPFunnels WPFunnels allows Object Injection.5.18. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Deserialization of Untrusted Data vulnerability in GoodLayers Goodlayers Hotel allows Object Injection.1.4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Deserialization of Untrusted Data vulnerability in GoodLayers Goodlayers Hostel allows Object Injection.1.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Deserialization of Untrusted Data vulnerability in BoldThemes Medicare allows Object Injection.1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Deserialization of Untrusted Data vulnerability in BoldThemes Avantage allows Object Injection.4.6. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Tour | Travel Agency WordPress allows Object Injection.5.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Deserialization of Untrusted Data vulnerability in AncoraThemes Jarvis - Night Club, Concert, Festival WordPress allows Object Injection.8.11. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
PHP object injection in Acerola WordPress theme versions up to 1.6.5 enables remote unauthenticated attackers to execute arbitrary code, manipulate application data, or cause denial of service through deserialization of untrusted data. CVSS 9.8 reflects worst-case impact (network vector, no authentication required), though EPSS score of 0.37% (59th percentile) suggests limited active targeting to date. Reported by Patchstack audit team with vulnerability details published in their database, indicating researcher-identified rather than in-the-wild discovery. No CISA KEV listing confirms exploitation remains theoretical or limited in scope.
Deserialization of Untrusted Data vulnerability in AncoraThemes Fish House allows Object Injection.2.7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
PHP Object Injection in 'The Business' WordPress theme through version 1.6.1 allows remote unauthenticated attackers to execute arbitrary code, modify data, or cause denial of service via deserialization of untrusted data. With CVSS 9.8 (AV:N/AC:L/PR:N/UI:N), exploitation requires no authentication or user interaction. EPSS score of 0.37% suggests low observed exploitation probability despite critical severity, though no public exploit code or CISA KEV listing exists at time of analysis. Patchstack cataloged this vulnerability, indicating security researcher attention to WordPress theme supply chain risks.
Deserialization of Untrusted Data vulnerability in AncoraThemes Umberto allows Object Injection.2.8. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
PHP object injection in HotStar WordPress theme (versions up to 1.4) allows remote unauthenticated attackers to achieve full system compromise through deserialization of untrusted data. The CVSS 9.8 critical rating reflects network-based exploitation requiring no authentication or user interaction, though EPSS scoring at 0.37% (59th percentile) indicates relatively low observed exploitation probability. Patchstack reported this vulnerability, and while no CISA KEV listing exists, the trivial attack complexity (AC:L) combined with the WordPress theme context suggests potential for automated scanning and exploitation if gadget chains are present in the target environment.
Remote unauthenticated attackers can achieve arbitrary PHP object injection in Dash WordPress theme versions up to 1.3 by exploiting unsafe deserialization of user-controlled data. The CVSS 9.8 score reflects network-based attack with no authentication required and complete compromise potential (confidentiality, integrity, availability). Despite the critical severity, EPSS probability is relatively low (0.37%, 59th percentile), suggesting limited observed exploitation attempts. Reported by Patchstack security research team with public vulnerability database entry available. No CISA KEV listing indicates this is not confirmed as actively exploited in the wild, though the straightforward attack vector (AV:N/AC:L/PR:N) makes it attractive for mass WordPress scanning campaigns.
Incorrect Privilege Assignment vulnerability in pebas CouponXL allows Privilege Escalation.5.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Incorrect Privilege Assignment vulnerability in quantumcloud Simple Business Directory Pro allows Privilege Escalation.4.8. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A critical deserialization vulnerability in the ThemeMakers Car Dealer WordPress theme allows remote attackers to perform PHP object injection attacks without authentication. The vulnerability affects all versions of Car Dealer prior to 1.6.7 and enables complete system compromise with the ability to execute arbitrary code, steal data, or take over the website. With an EPSS score of 0.15% (35th percentile), while not currently in CISA KEV, the vulnerability presents moderate real-world exploitation risk given its network-accessible attack vector and lack of required authentication.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Majestic Support Majestic Support allows SQL Injection.1.0. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in printcart Printcart Web to Print Product Designer for WooCommerce allows SQL Injection.3.8. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in facturante Facturante allows SQL Injection.11. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPFable Fable Extra allows Blind SQL Injection.0.6. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Detheme Easy Guide allows SQL Injection.0.0. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in IndigoThemes WP HRM LITE allows SQL Injection.1. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in GoodLayers Goodlayers Hotel allows Blind SQL Injection.1.4. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in GoodLayers Goodlayers Hostel allows Blind SQL Injection.1.2. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in kamleshyadav Pixel WordPress Form BuilderPlugin & Autoresponder allows Blind SQL Injection.0.2. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in smartcms Bus Ticket Booking with Seat Reservation for WooCommerce allows SQL Injection.7. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Techspawn WhatsCart - Whatsapp Abandoned Cart Recovery, Order Notifications, Chat Box, OTP for. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Token used for resetting passwords in MegaBIP software are generated using a small space of random values combined with a queryable value. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Unrestricted file upload in JP Students Result Management System Premium WordPress plugin versions 1.1.7 and later enables remote unauthenticated attackers to upload and execute malicious web shells, achieving complete server compromise with high complexity exploitation requirements. Reported by Patchstack security researchers, this vulnerability carries a 0.31% EPSS exploitation probability (54th percentile), indicating moderate but not negligible real-world risk. No active exploitation confirmed in CISA KEV at time of analysis, though the cross-scope impact (S:C in CVSS vector) suggests potential for lateral movement beyond the WordPress application itself.
An issue in Hospital Management System In PHP V4.0 allows a remote attacker to execute arbitrary code via the hms/doctor/edit-profile.php file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PHPGURUKUL Restaurant Table Booking System using PHP and MySQL v1.0 was discovered to contain a SQL injection vulnerability via the searchdata parameter at /rtbs/check-status.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.