Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/11/27 1:4 p.m.14 views

CVE-2025-9191

The Houzez theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.1.6 via deserialization of untrusted input in saved-search-item.php. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject a PHP Object. No...

6.3CVSS7AI score0.00224EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/26 3:34 p.m.5 views

EUVD-2025-199719

The Houzez theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.1.6 via deserialization of untrusted input in saved-search-item.php. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject a PHP Object. No...

6.3CVSS6.5AI score0.00224EPSS
Exploits0References3
NVD
NVD
added 2025/11/26 1:16 p.m.6 views

CVE-2025-9191

The Houzez theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.1.6 via deserialization of untrusted input in saved-search-item.php. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject a PHP Object. No...

6.3CVSS0.00224EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/26 12:30 p.m.6 views

CVE-2025-9191 Houzez <= 4.1.6 - Authenticated (Subscriber+) PHP Object Injection via Saved Search

The Houzez theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.1.6 via deserialization of untrusted input in saved-search-item.php. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject a PHP Object. No...

6.3CVSS6.6AI score0.00224EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/26 12:0 a.m.5 views

WordPress plugin Houzez 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...

6.3CVSS7.2AI score0.00224EPSS
Exploits0References3
Rows per page
Query Builder