4 matches found
CVE-2025-24779
Deserialization of Untrusted Data vulnerability in NooTheme Yogi yogi allows Object Injection.This issue affects Yogi: from n/a through 2.9.3...
CVE-2025-24779 WordPress Yogi theme < 2.9.3 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in NooTheme Yogi yogi allows Object Injection.This issue affects Yogi: from n/a through 2.9.3...
CVE-2025-24779
CVE-2025-24779 concerns WordPress/Yogi: deserialization of untrusted data in NooTheme Yogi up to v2.9.0, enabling object injection. Descriptions across CNVD, Red Hat, NVD and PCI/Vuln sources indicate potential bypass of privilege authentication and access to restricted resources via deserializat...
WordPress Yogi Theme <= 2.9.0 is vulnerable to PHP Object Injection
Software Yogi Type Theme Vulnerable versions = 2.9.0 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2025-24779 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 10b2a1712298 Credits Bonds Required privilege Subscriber Published 8 July,...