WordPress CiyaShop - Multipurpose WooCommerce Theme plugin <= 4.19.0 - Unauthenticated PHP Object Injection vulnerability

WordPress CiyaShop - Multipurpose WooCommerce Theme plugin = 4.19.0 - Unauthenticated PHP Object Injection vulnerability discovered by Lucio Sá in WordPress Theme CiyaShop versions = 4.19.0...

EUVD-2025-6410

Malicious code in bioql PyPI...

EUVD-2025-15784

Malicious code in bioql PyPI...

CVE-2025-39349

Deserialization of Untrusted Data vulnerability in Potenzaglobalsolutions CiyaShop ciyashop allows Object Injection.This issue affects CiyaShop: from n/a through = 4.18.0...

CVE-2025-39349

Deserialization of Untrusted Data vulnerability in Potenzaglobalsolutions CiyaShop ciyashop allows Object Injection.This issue affects CiyaShop: from n/a through = 4.18.0...

CVE-2025-39349 WordPress CiyaShop theme <= 4.18.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Potenzaglobalsolutions CiyaShop allows Object Injection.This issue affects CiyaShop: from n/a through 4.18.0...

CVE-2025-39349 WordPress CiyaShop theme <= 4.18.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Potenzaglobalsolutions CiyaShop ciyashop allows Object Injection.This issue affects CiyaShop: from n/a through = 4.18.0...

CVE-2025-39349

CVE-2025-39349 : WordPress theme Potenzaglobalsolutions CiyaShop (versions n/a–4.18.0) suffers a PHP Object Injection through deserialization of untrusted data. Underlying risk is tied to object injection (high-impact), with CVSS 3.1 vector: Network, Low complexity, None privileges, no user inter...

WordPress plugin CiyaShop 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...

PT-2025-22092 · Potenzaglobalsolutions · Ciyashop

Name of the Vulnerable Software and Affected Versions: Potenzaglobalsolutions CiyaShop versions n/a through 4.18.0 Description: The issue is related to Deserialization of Untrusted Data, which allows Object Injection. Recommendations: For versions n/a through 4.18.0, update to a version later tha...

WordPress CiyaShop theme <= 4.18.0 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Bonds Patchstack Alliance in WordPress Theme CiyaShop versions = 4.18.0...

WordPress CiyaShop Theme <= 4.18.0 is vulnerable to PHP Object Injection

Software CiyaShop Type Theme Vulnerable versions = 4.18.0 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2025-39349 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 68a2f2e9e8f8 Credits Bonds Required privilege Unauthenticated Publishe...

CVE-2024-13824

The CiyaShop - Multipurpose WooCommerce Theme theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.19.0 via deserialization of untrusted input in the 'addciyashopwishlist' and 'ciyashopgetcompare' functions. This makes it possible for unauthenticated...

CVE-2024-13824

The CiyaShop - Multipurpose WooCommerce Theme theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.19.0 via deserialization of untrusted input in the 'addciyashopwishlist' and 'ciyashopgetcompare' functions. This makes it possible for unauthenticated...

CVE-2024-13824

The CiyaShop - Multipurpose WooCommerce Theme theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.19.0 via deserialization of untrusted input in the 'addciyashopwishlist' and 'ciyashopgetcompare' functions. This makes it possible for unauthenticated...

CVE-2024-13824

CVE-2024-13824 affects the CiyaShop theme for WordPress. It is an unauthenticated PHP Object Injection vulnerability in all versions up to and including 4.19.0, caused by deserialization of untrusted input in the add_ciyashop_wishlist and ciyashop_get_compare functions. Impact requires a POP chai...

CVE-2024-13824 CiyaShop - Multipurpose WooCommerce Theme <= 4.19.0 - Unauthenticated PHP Object Injection

The CiyaShop - Multipurpose WooCommerce Theme theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.19.0 via deserialization of untrusted input in the 'addciyashopwishlist' and 'ciyashopgetcompare' functions. This makes it possible for unauthenticated...

CVE-2024-13824 CiyaShop - Multipurpose WooCommerce Theme <= 4.19.0 - Unauthenticated PHP Object Injection

The CiyaShop - Multipurpose WooCommerce Theme theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.19.0 via deserialization of untrusted input in the 'addciyashopwishlist' and 'ciyashopgetcompare' functions. This makes it possible for unauthenticated...