CVE-2025-48101
CVE-2025-48101 describes a PHP object injection vulnerability in the WordPress plugin “Constant Contact for WordPress” (up to version 4.1.1). The issue arises from deserializing untrusted data, enabling object injection. Public data (NVD/Red Hat/Wordfence/Patchstack/PT-Security) confirms the affe...