CVE-2025-39588 – Ultimate Store Kit Elementor Addons Untrusted Data Deserialization Object Injection

April 20, 2025

CVE ID : CVE-2025-39588

Published : April 17, 2025, 4:15 p.m. | 3 days, 10 hours ago

Description : Deserialization of Untrusted Data vulnerability in bdthemes Ultimate Store Kit Elementor Addons allows Object Injection. This issue affects Ultimate Store Kit Elementor Addons: from n/a through 2.4.0.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-39595 – Quentn WP SQL Injection

Next Article Cellebrite Android Zero-Day Exploit PoC Released: CVE-2024-53104

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

Handling JavaScript Event Listeners With Parameters

ChatGPT now has an agent mode

Scrum Alliance and Kanban University partner to offer new course that teaches both methodologies

Is ChatGPT down? You’re not alone. Here’s what OpenAI is saying

I found a tablet that could replace my iPad and Kindle – and it’s worth every penny

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

Execute Ping Commands and Get Back Structured Data in PHP

Execute Ping Commands and Get Back Structured Data in PHP

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

I Made Kitty Terminal Even More Awesome by Using These 15 Customization Tips and Tweaks

I Made Kitty Terminal Even More Awesome by Using These 15 Customization Tips and Tweaks

Microsoft confirms active cyberattacks on SharePoint servers

How to Manually Check & Install Windows 11 Updates (Best Guide)

CVE-2025-39588 – Ultimate Store Kit Elementor Addons Untrusted Data Deserialization Object Injection

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

3,500 Websites Hijacked to Secretly Mine Crypto Using Stealth JavaScript and WebSocket Tactics

Assessing the Role of AI in Zero Trust

CVE-2025-32926 – ThemeGoods Grand Restaurant WordPress Path Traversal Vulnerability

GeForce NOW adds Dune: Awakening, The Alters and 40% off day pass deal

This AI Paper from ByteDance Introduces a Hybrid Reward System Combining Reasoning Task Verifiers (RTV) and a Generative Reward Model (GenRM) to Mitigate Reward Hacking

Distribution Release: Ultramarine 41

CVE-2025-52922 – Innoshop Directory Traversal Remote File Inclusion

CVE-2025-48468 – “Juniper JTAG Firmware Injection Vulnerability”

Code Your Own Llama 4 LLM from Scratch

CVE-2025-39588 – Ultimate Store Kit Elementor Addons Untrusted Data Deserialization Object Injection

Related Posts