2 matches found
CVE-2025-53299
CVE-2025-53299 describes a deserialization of untrusted data vulnerability in ThemeMakers Visual Content Composer (WordPress plugin) that enables PHP object injection. Affected versions are up to 1.5.8 (inclusive); the root cause is deserializing untrusted data, which can lead to object injection...
WordPress ThemeMakers Visual Content Composer Plugin <= 1.5.8 - PHP Object Injection Vulnerability
PHP Object Injection Vulnerability discovered by Bonds in WordPress Plugin ThemeMakers Visual Content Composer versions = 1.5.8...