7 matches found
CVE-2025-39349
Deserialization of Untrusted Data vulnerability in Potenzaglobalsolutions CiyaShop ciyashop allows Object Injection.This issue affects CiyaShop: from n/a through = 4.18.0...
CVE-2025-39349
creationtimestamp| type| source ---|---|--- 2025-05-19 20:39:45+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/16940 2025-05-19 20:48:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lpkgzziftf2v...
CVE-2025-39349
Deserialization of Untrusted Data vulnerability in Potenzaglobalsolutions CiyaShop ciyashop allows Object Injection.This issue affects CiyaShop: from n/a through = 4.18.0...
CVE-2025-39349
CVE-2025-39349 : WordPress theme Potenzaglobalsolutions CiyaShop (versions n/a–4.18.0) suffers a PHP Object Injection through deserialization of untrusted data. Underlying risk is tied to object injection (high-impact), with CVSS 3.1 vector: Network, Low complexity, None privileges, no user inter...
CVE-2025-39349 WordPress CiyaShop theme <= 4.18.0 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Potenzaglobalsolutions CiyaShop allows Object Injection.This issue affects CiyaShop: from n/a through 4.18.0...
CVE-2025-39349 WordPress CiyaShop theme <= 4.18.0 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Potenzaglobalsolutions CiyaShop ciyashop allows Object Injection.This issue affects CiyaShop: from n/a through = 4.18.0...
WordPress CiyaShop Theme <= 4.18.0 is vulnerable to PHP Object Injection
Software CiyaShop Type Theme Vulnerable versions = 4.18.0 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2025-39349 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 68a2f2e9e8f8 Credits Bonds Required privilege Unauthenticated Publishe...