Skip to main content

Goldish

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-25030 CRITICAL PATCH Act Now

A PHP Object Injection vulnerability exists in the park_of_ideas Goldish theme due to insecure deserialization of untrusted data, allowing attackers to inject arbitrary objects and potentially achieve remote code execution or other malicious outcomes. The vulnerability affects Goldish versions prior to 3.47. While no CVSS score or EPSS data is publicly available, the CWE-502 classification indicates a serious deserialization flaw that could be exploited if untrusted data is processed without validation.

Deserialization Goldish
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-25030
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

A PHP Object Injection vulnerability exists in the park_of_ideas Goldish theme due to insecure deserialization of untrusted data, allowing attackers to inject arbitrary objects and potentially achieve remote code execution or other malicious outcomes. The vulnerability affects Goldish versions prior to 3.47. While no CVSS score or EPSS data is publicly available, the CWE-502 classification indicates a serious deserialization flaw that could be exploited if untrusted data is processed without validation.

Deserialization Goldish
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy