CVE-2025-54719

CVE-2025-54719 describes a deserialization of untrusted data vulnerability in the WordPress theme “NooTheme Yogi - Health Beauty & Yoga” (noo-yogi), affecting versions up to and including 2.9.2. The underlying issue is object injection via deserialization. The entry is corroborated by multiple so...

CVE-2025-54719 WordPress Yogi - Health Beauty & Yoga Theme <= 2.9.2 - Deserialization of untrusted data Vulnerability

Deserialization of Untrusted Data vulnerability in NooTheme Yogi - Health Beauty & Yoga noo-yogi allows Object Injection.This issue affects Yogi - Health Beauty & Yoga: from n/a through = 2.9.2...

CVE-2025-54719 WordPress Yogi - Health Beauty & Yoga Theme <= 2.9.2 - Deserialization of untrusted data Vulnerability

Deserialization of Untrusted Data vulnerability in NooTheme Yogi - Health Beauty & Yoga noo-yogi allows Object Injection.This issue affects Yogi - Health Beauty & Yoga: from n/a through = 2.9.2...

CVE-2025-54718

CVE-2025-54718 affects the WordPress theme NooTheme Yogi - Health Beauty & Yoga (noo-yogi), with the vulnerability described as a Reflected Cross-Site Scripting (XSS) due to improper input neutralization during web page generation. The issue targets Yogi - Health Beauty & Yoga versions from n/a t...

CVE-2025-54718 WordPress Yogi - Health Beauty & Yoga theme <= 2.9.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NooTheme Yogi - Health Beauty & Yoga noo-yogi allows Reflected XSS.This issue affects Yogi - Health Beauty & Yoga: from n/a through = 2.9.2...

WordPress Yogi - Health Beauty & Yoga theme <= 2.9.2 - Cross Site Scripting (XSS) vulnerability

WordPress Yogi - Health Beauty & Yoga theme = 2.9.2 - Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Yogi - Health Beauty & Yoga versions = 2.9.2...

WordPress Yogi - Health Beauty & Yoga Theme <= 2.9.2 - Deserialization of untrusted data Vulnerability

WordPress Yogi - Health Beauty & Yoga Theme = 2.9.2 - Deserialization of untrusted data Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Yogi - Health Beauty & Yoga versions = 2.9.2...

CVE-2025-24779 WordPress Yogi theme < 2.9.3 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in NooTheme Yogi yogi allows Object Injection.This issue affects Yogi: from n/a through 2.9.3...

CVE-2025-24779

CVE-2025-24779 concerns WordPress/Yogi: deserialization of untrusted data in NooTheme Yogi up to v2.9.0, enabling object injection. Descriptions across CNVD, Red Hat, NVD and PCI/Vuln sources indicate potential bypass of privilege authentication and access to restricted resources via deserializat...

CVE-2025-24779 WordPress Yogi theme <= 2.9.0 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in NooTheme Yogi allows Object Injection. This issue affects Yogi: from n/a through 2.9.0...

WordPress Yogi theme < 2.9.3 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by Bonds in WordPress Theme Yogi versions 2.9.3...

WordPress Yogi Theme <= 2.9.0 is vulnerable to PHP Object Injection

Software Yogi Type Theme Vulnerable versions = 2.9.0 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2025-24779 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 10b2a1712298 Credits Bonds Required privilege Subscriber Published 8 July,...