CVE-2025-39588 – Ultimate Store Kit Elementor Addons Untrusted Data Deserialization Object Injection

April 20, 2025

CVE ID : CVE-2025-39588

Published : April 17, 2025, 4:15 p.m. | 3 days, 10 hours ago

Description : Deserialization of Untrusted Data vulnerability in bdthemes Ultimate Store Kit Elementor Addons allows Object Injection. This issue affects Ultimate Store Kit Elementor Addons: from n/a through 2.4.0.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-39595 – Quentn WP SQL Injection

Next Article Cellebrite Android Zero-Day Exploit PoC Released: CVE-2024-53104

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

In MCP era API discoverability is now more important than ever

Black Myth: Wukong is coming to Xbox exactly one year after launching on PlayStation

Reddit wants to sue Anthropic for stealing its data, but the Claude AI manufacturers vow to “defend ourselves vigorously”

Satya Nadella says Microsoft makes money every time you use ChatGPT: “Every day that ChatGPT succeeds is a fantastic day”

Multiple reports suggest a Persona 4 Remake from Atlus will be announced during the Xbox Games Showcase

TC39 advances numerous proposals at latest meeting

TC39 advances numerous proposals at latest meeting

TypeBridge – zero ceremony, compile time rpc for client and server com

Simplify Cloud-Native Development with Quarkus Extensions

Black Myth: Wukong is coming to Xbox exactly one year after launching on PlayStation

Black Myth: Wukong is coming to Xbox exactly one year after launching on PlayStation

Reddit wants to sue Anthropic for stealing its data, but the Claude AI manufacturers vow to “defend ourselves vigorously”

Satya Nadella says Microsoft makes money every time you use ChatGPT: “Every day that ChatGPT succeeds is a fantastic day”

CVE-2025-39588 – Ultimate Store Kit Elementor Addons Untrusted Data Deserialization Object Injection

Leadership, Trust, and Cyber Hygiene: NCSC’s Guide to Security Culture in Action

CVE-2025-4318 Critical RCE in AWS Amplify Codegen UI

Aftermarket Software Firm eViridis, Clients Face Unverified Data Breach Claims

CVE-2025-43570 – Substance3D Use After Free Vulnerability

Google improves PWA icons on Chrome for Mac to match Apple’s style

Local information disclosure in apport and systemd-coredump

GitHub found 39M secret leaks in 2024. Here’s what we’re doing to help

Are Logos Becoming Irrelevant in Modern Branding?

Las 4 razones principales para usar MongoDB 8.0

CVE-2025-27445 – RSFirewall Joomla Path Traversal Vulnerability

CVE-2025-39588 – Ultimate Store Kit Elementor Addons Untrusted Data Deserialization Object Injection

Related Posts