Skip to main content

Apicona

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-25400 HIGH This Week

Apicona, a WordPress theme by thememount, contains a PHP object injection vulnerability stemming from unsafe deserialization of untrusted data (CWE-502). All versions through 24.1.0 are affected. An attacker can exploit this to inject arbitrary objects into the application, potentially leading to remote code execution or other malicious object manipulation depending on available gadget chains within the PHP environment.

Deserialization Apicona
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-25400
EPSS 0% CVSS 8.8
HIGH This Week

Apicona, a WordPress theme by thememount, contains a PHP object injection vulnerability stemming from unsafe deserialization of untrusted data (CWE-502). All versions through 24.1.0 are affected. An attacker can exploit this to inject arbitrary objects into the application, potentially leading to remote code execution or other malicious object manipulation depending on available gadget chains within the PHP environment.

Deserialization Apicona
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy