The Oracle WebLogic Async Component is vulnerable to a XML Deserialization remote code execution vulnerability. Malicious input passed to the XMLDecoder results in the deserialization of an arbitrary Java serialized object. Unauthenticated attackers can exploit it to remotely execute arbitrary code.
Oracle released a Critical Patch Update that fixes this issue. To fix this vulnerability it's recommended to install the Oracle Critical Patch Update from the References section.
WordPress Plugin is_human() 'type' Parameter Remote Command Injection (1.4.2)
WordPress Plugin Share Possible Remote Code Execution (1.0)
Code Evaluation (Apache Struts) S2-046
WordPress Plugin Custom Content Type Manager Remote Code Execution (0.9.8.5)