CVE-2026-7647 - Profile Builder Pro <= 3.14.5 - Unauthenticated PHP Object Injection
CVE ID :CVE-2026-7647 Published : May 2, 2026, 5:29 a.m. | 37 minutes ago Description :The Profile Builder Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to and including 3.14.5. This is due to the use of PHP's maybe_unserialize() function on the attacker-con
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] I built an image compressor that never sees your images published
- [CYBER] CVE-2026-31431 (Copy Fail) PHP PoC
- [CYBER] Trellix Confirms Source Code Breach With Unauthorized Repository Access
- [CYBER] Massive Facebook Phishing Operation Leverages AppSheet, Netlify, and Telegram
- [CYBER] CVE-2026-5110 - Gravity Forms <= 2.10.0 - Unauthenticated Stored Cross-Site Scripting via Single Product Field Inside Repeater
- [CYBER] CVE-2026-5111 - Gravity Forms <= 2.10.0 - Unauthenticated Stored Cross-Site Scripting via Hidden Product Field in Repeater