CVE-2025-9191
CVE-2025-9191 — Houzez WordPress Theme PHP Object Injection . The Houzez theme (WordPress) is vulnerable to PHP Object Injection via deserialization in saved-search-item.php for all versions up to 4.1.6. Exploitation requires authenticated access at Subscriber level or higher; a POP chain is not ...