Skip to main content

Kidz

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-25029 CRITICAL Act Now

A deserialization of untrusted data vulnerability exists in the park_of_ideas KIDZ theme that permits object injection attacks. All versions of KIDZ through 5.24 are affected, as confirmed via CPE cpe:2.3:a:park_of_ideas:kidz:*:*:*:*:*:*:*:*. An attacker can inject malicious serialized PHP objects to achieve arbitrary code execution or other unintended actions on affected WordPress installations running this theme.

Deserialization Kidz
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-25029
EPSS 0% CVSS 9.8
CRITICAL Act Now

A deserialization of untrusted data vulnerability exists in the park_of_ideas KIDZ theme that permits object injection attacks. All versions of KIDZ through 5.24 are affected, as confirmed via CPE cpe:2.3:a:park_of_ideas:kidz:*:*:*:*:*:*:*:*. An attacker can inject malicious serialized PHP objects to achieve arbitrary code execution or other unintended actions on affected WordPress installations running this theme.

Deserialization Kidz
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy