CVE-2025-31422 – Designthemes Visual Art | Gallery WordPress Theme Object Injection Vulnerability

July 16, 2025

CVE ID : CVE-2025-31422

Published : July 16, 2025, 12:15 p.m. | 5 hours, 59 minutes ago

Description : Deserialization of Untrusted Data vulnerability in designthemes Visual Art | Gallery WordPress Theme allows Object Injection. This issue affects Visual Art | Gallery WordPress Theme: from n/a through 2.4.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-47645 – ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes SQL Injection

Next Article CVE-2025-30973 – Codexpert, Inc CoSchool LMS Deserialization of Untrusted Data Object Injection

Highlights

CVE-2025-20188 – Cisco IOS XE Software Wireless LAN Controllers Unauthenticated Remote File Upload and Command Execution Vulnerability

May 7, 2025

CVE ID : CVE-2025-20188

Published : May 7, 2025, 6:15 p.m. | 1 hour, 29 minutes ago

Description : A vulnerability in the Out-of-Band Access Point (AP) Image Download feature of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system.

This vulnerability is due to the presence of a hard-coded JSON Web Token (JWT) on an affected system. An attacker could exploit this vulnerability by sending crafted HTTPS requests to the AP image download interface. A successful exploit could allow the attacker to upload files, perform path traversal, and execute arbitrary commands with root privileges.

Note: For exploitation to be successful, the Out-of-Band AP Image Download feature must be enabled on the device. It is not enabled by default.

Severity: 10.0 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Report: 71% of tech leaders won’t hire devs without AI skills

Slack’s AI search now works across an organization’s entire knowledge base

In-House vs Outsourcing for React.js Development: Understand What Is Best for Your Enterprise

Tiny Screens, Big Impact: The Forgotten Art Of Developing Web Apps For Feature Phones

Too many open browser tabs? This is still my favorite solution – and has been for years

This new browser won’t monetize your every move – how to try it

Pokémon has partnered with one of the biggest PC gaming brands again, and you can actually buy these accessories — but do you even want to?

AMD’s budget Ryzen AI 5 330 processor will introduce a wave of ultra-affordable Copilot+ PCs with its mobile 50 TOPS NPU

The details of TC39’s last meeting

The details of TC39’s last meeting

Reclaim Space: Delete Docker Orphan Layers

Notes Android App Using SQLite

KeySmith – SSH key management

KeySmith – SSH key management

Pokémon has partnered with one of the biggest PC gaming brands again, and you can actually buy these accessories — but do you even want to?

AMD’s budget Ryzen AI 5 330 processor will introduce a wave of ultra-affordable Copilot+ PCs with its mobile 50 TOPS NPU

CVE-2025-31422 – Designthemes Visual Art | Gallery WordPress Theme Object Injection Vulnerability

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

CVE-2025-6693 – RT-Thread Device Memory Corruption Vulnerability

CVE-2025-4367 – WordPress Download Manager Stored Cross-Site Scripting Vulnerability

CVE-2025-3501 – Keycloak Certificate Verification Bypass

Xbox and PC’s best L4D alternative has a new class gameplay video for you

CVE-2025-20188 – Cisco IOS XE Software Wireless LAN Controllers Unauthenticated Remote File Upload and Command Execution Vulnerability

CVE-2025-5271 – Mozilla Firefox Content Security Policy Bypass

Linux Data Recovery: How to Salvage Lost or Corrupted Files

Diablo 4 roadmap re-confirms an expansion for 2026, and it sure looks like there’ll be a new class too

CVE-2025-31422 – Designthemes Visual Art | Gallery WordPress Theme Object Injection Vulnerability

Related Posts