Description Contao CMS through 3.2.4 has PHP Object Injection Vulnerabilities Remediation References CVE-2014-1860 Related Vulnerabilities Joomla! Core 3.x.x SQL Injection (3.0.0 - 3.4.6) WordPress Plugin WP Activity Log PHP Object Injection (3.2.5) Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21608) WordPress Plugin Free Responsive Tab For WordPress-Everest Tab Lite includes Backdoor [Only if downloaded via the vendor website] (2.0.3) WordPress Plugin Product Catalog SQL Injection (4.2.2) Severity Critical Classification CVE-2014-1860 CWE-502 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities