CVE-2025-31634

CVE-2025-31634 describes a PHP Object Injection flaw in the WordPress theme “Insurance” (versions ≤ 3.5) due to deserializing untrusted data. Public sources (Patchstack/Red Hat/ENISA) confirm this is currently unpatched, affecting the Insurance theme up to 3.5; remediation is to upgrade to a vers...

CVE-2025-31634 WordPress Insurance theme <= 3.5 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in designthemes Insurance insurance allows Object Injection.This issue affects Insurance: from n/a through = 3.5...