4 matches found
CVE-2025-32572
Deserialization of Untrusted Data vulnerability in Climax Themes Kata Plus kata-plus allows Object Injection.This issue affects Kata Plus: from n/a through = 1.5.3...
CVE-2025-32572
Deserialization of Untrusted Data vulnerability in Climax Themes Kata Plus kata-plus allows Object Injection.This issue affects Kata Plus: from n/a through = 1.5.3...
CVE-2025-32572
CVE-2025-32572 is a PHP object injection flaw caused by deserialization of untrusted data in the Kata Plus WordPress plugin family (Kata Plus – Addons for Elementor – Widgets, Extensions and Templates). Affected versions range up to 1.5.2 (with CVE entries tracking up to 1.5.3 per Patchstack/Word...
WordPress Kata Plus Plugin <= 1.5.3 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Le Ngoc Anh in WordPress Plugin Kata Plus versions = 1.5.3...