Skip to main content

Love Story

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-27082 CRITICAL Act Now

A PHP Object Injection vulnerability exists in ThemeREX Love Story WordPress theme through version 1.3.12, stemming from unsafe deserialization of untrusted data. This vulnerability allows attackers to inject malicious serialized objects that can lead to remote code execution or other object-oriented attack chains. The vulnerability is classified as CWE-502 (Deserialization of Untrusted Data) and has been reported by Patchstack; no CVSS score or EPSS data is currently available, and KEV status is unknown.

Deserialization Love Story
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-27082
EPSS 0% CVSS 9.8
CRITICAL Act Now

A PHP Object Injection vulnerability exists in ThemeREX Love Story WordPress theme through version 1.3.12, stemming from unsafe deserialization of untrusted data. This vulnerability allows attackers to inject malicious serialized objects that can lead to remote code execution or other object-oriented attack chains. The vulnerability is classified as CWE-502 (Deserialization of Untrusted Data) and has been reported by Patchstack; no CVSS score or EPSS data is currently available, and KEV status is unknown.

Deserialization Love Story
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy