Home / Vulnerability Intelligence / CVE-2026-32513

CVE-2026-32513 - Vulnerability Analysis

HighCVSS: 8.8

Last Updated: March 25, 2026

Miguel Useche JS Archive List - Insecure Deserialization

Published: March 25, 2026Updated: March 25, 2026Remote Exploitable

Overview

Miguel Useche JS Archive List <= 6.1.7 contains an insecure deserialization vulnerability caused by untrusted data deserialization, letting attackers perform object injection remotely, exploit requires crafted input.

Severity & Score

Severity: High

CVSS Score: 8.8

EPSS Score: 0.0%(Probability of exploitation in next 30 days)

Impact

Attackers can execute arbitrary code or manipulate application logic via object injection.

Mitigation

Update to a version later than 6.1.7 or the latest available version.

References

https://patchstack.com/database/Wordpress/Plugin/jquery-archive-list-widget/vulnerability/wordpress-js-archive-list-plugin-6-1-7-php-object-injection-vulnerability?_s_id=cve

Social Media Activity(2 posts)

TheHackerWire

@thehackerwire

Mar 25, 2026

🟠 CVE-2026-32513 - High (8.8) Deserialization of Untrusted Data vulnerability in Miguel Useche JS Archive List jquery-archive-list-widget allows Object Injection.This issue affects JS Archive List: from n/a through <= 6.1.7. 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-32513/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

TheHackerWire

@thehackerwire

Mar 25, 2026

View original post

Related Resources

Details

CVE ID: CVE-2026-32513
Severity: High
CVSS Score: 8.8
Type: insecure_deserialization
Status: new
EPSS: 0.0%
Social Posts: 2

CWE

CWE-502

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score

0.0%Probability of exploitation in the next 30 days