CVE-2026-28138 | Stylemix uListing Plugin up to 2.2.0 on WordPress deserialization

Inserito da Angelo Barbosa | Feb 26, 2026 | CVE

A vulnerability was found in Stylemix uListing Plugin up to 2.2.0 on WordPress and classified as critical. Affected by this vulnerability is an unknown functionality. Executing a manipulation can lead to deserialization.

The identification of this vulnerability is CVE-2026-28138. The attack may be launched remotely. There is no exploit available.

CVE-2026-28138 | Stylemix uListing Plugin up to 2.2.0 on WordPress deserialization

Post correlati

CVE-2024-8275 | theeventscalendar Events Calendar Plugin up to 6.6.4 on WordPress tribe_has_next_event order sql injection

CVE-2026-0608 | Head Meta Data Plugin up to 20251118 on WordPress head-meta-data cross site scripting

CVE-2026-1761 | GNOME libsoup Multipart HTTP Response stack-based overflow

CVE-2025-22475 | Dell PowerProtect DD up to 7.10.1.40/7.13.1.10/8.1.0.10 a cryptographic primitive with a risky implementation (dsa-2025-022)