WordPress Solar Energy theme <= 3.5 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Solar Energy versions = 3.5...

WordPress Solar Energy Theme <= 3.5 is vulnerable to PHP Object Injection

Software Solar Energy Type Theme Vulnerable versions = 3.5 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2025-32283 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 835d026bbefc Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity...

CVE-2025-48336 WordPress Course Builder < 3.6.6 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in ThimPress Course Builder course-builder allows Object Injection.This issue affects Course Builder: from n/a through 3.6.6...

WordPress WP Posts Carousel <= 1.3.12 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by astra.r3verii Patchstack Alliance in WordPress Plugin WP Posts Carousel versions = 1.3.12...

WordPress Course Builder Theme < 3.6.6 is vulnerable to PHP Object Injection

Software Course Builder Type Theme Vulnerable versions 3.6.6 Fixed in 3.6.6 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2025-48336 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 330f3e0387ca Credits Annn Required privilege Unauthenticated...

CVE-2025-31049 WordPress Dash <= 1.3 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in themeton Dash allows Object Injection. This issue affects Dash: from n/a through 1.3...

CVE-2025-31069 WordPress HotStar – Multi-Purpose Business Theme <= 1.4 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in themeton HotStar – Multi-Purpose Business Theme allows Object Injection. This issue affects HotStar – Multi-Purpose Business Theme: from n/a through 1.4...

CVE-2025-31069 WordPress HotStar – Multi-Purpose Business Theme <= 1.4 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in themeton HotStar – Multi-Purpose Business Theme allows Object Injection. This issue affects HotStar – Multi-Purpose Business Theme: from n/a through 1.4...

CVE-2025-31430 WordPress The Business <= 1.6.1 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in themeton The Business allows Object Injection. This issue affects The Business: from n/a through 1.6.1...

CVE-2025-31423 WordPress Umberto <= 1.2.8 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in AncoraThemes Umberto allows Object Injection. This issue affects Umberto: from n/a through 1.2.8...

CVE-2025-31430 WordPress The Business <= 1.6.1 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in themeton The Business allows Object Injection. This issue affects The Business: from n/a through 1.6.1...

CVE-2025-31423 WordPress Umberto theme <= 1.2.8 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in AncoraThemes Umberto umberto allows Object Injection.This issue affects Umberto: from n/a through = 1.2.8...

CVE-2025-31631 WordPress Fish House theme <= 1.2.7 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in AncoraThemes Fish House fish-house allows Object Injection.This issue affects Fish House: from n/a through = 1.2.7...

CVE-2025-31631 WordPress Fish House <= 1.2.7 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in AncoraThemes Fish House allows Object Injection. This issue affects Fish House: from n/a through 1.2.7...

CVE-2025-31924 WordPress Crafts & Arts theme <= 2.5 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in designthemes Crafts & Arts crafts-and-arts allows Object Injection.This issue affects Crafts & Arts: from n/a through = 2.5...

CVE-2025-31924 WordPress Crafts & Arts theme <= 2.5 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in designthemes Crafts & Arts crafts-and-arts allows Object Injection.This issue affects Crafts & Arts: from n/a through = 2.5...

CVE-2025-32284 WordPress Pet World <= 2.8 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in designthemes Pet World allows Object Injection. This issue affects Pet World: from n/a through 2.8...

CVE-2025-31927 WordPress Acerola <= 1.6.5 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in themeton Acerola allows Object Injection. This issue affects Acerola: from n/a through 1.6.5...

CVE-2025-32284 WordPress Pet World theme <= 2.8 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in designthemes Pet World petsworld allows Object Injection.This issue affects Pet World: from n/a through = 2.8...

CVE-2025-32292 WordPress Jarvis – Night Club, Concert, Festival WordPress theme <= 1.8.11 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in AncoraThemes Jarvis – Night Club, Concert, Festival WordPress jarvis allows Object Injection.This issue affects Jarvis – Night Club, Concert, Festival WordPress: from n/a through = 1.8.11...