CVE-2025-48289 – AncoraThemes Kids Planet Deserialization of Untrusted Data Object Injection Vulnerability

May 28, 2025

CVE ID : CVE-2025-48289

Published : May 23, 2025, 1:15 p.m. | 5 days ago

Description : Deserialization of Untrusted Data vulnerability in AncoraThemes Kids Planet allows Object Injection. This issue affects Kids Planet: from n/a through 2.2.14.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48292 – GoodLayers Tourmaster PHP Remote File Inclusion Vulnerability

Next Article This AI Paper Introduces MMaDA: A Unified Multimodal Diffusion Model for Textual Reasoning, Visual Understanding, and Image Generation

Report: 71% of tech leaders won’t hire devs without AI skills

Slack’s AI search now works across an organization’s entire knowledge base

In-House vs Outsourcing for React.js Development: Understand What Is Best for Your Enterprise

Tiny Screens, Big Impact: The Forgotten Art Of Developing Web Apps For Feature Phones

Pokémon has partnered with one of the biggest PC gaming brands again, and you can actually buy these accessories — but do you even want to?

AMD’s budget Ryzen AI 5 330 processor will introduce a wave of ultra-affordable Copilot+ PCs with its mobile 50 TOPS NPU

Steam takes down tons of porn games, cracks down on “certain kinds of adult-only content” — here’s why, and its new policy

Oblivion Remastered and Metal Gear Solid Delta co-developer Virtuos faces layoffs — with 270 workers cut

The details of TC39’s last meeting

The details of TC39’s last meeting

Notes Android App Using SQLite

How to Get Security Patches for Legacy Unsupported Node.js Versions

Pokémon has partnered with one of the biggest PC gaming brands again, and you can actually buy these accessories — but do you even want to?

Pokémon has partnered with one of the biggest PC gaming brands again, and you can actually buy these accessories — but do you even want to?

AMD’s budget Ryzen AI 5 330 processor will introduce a wave of ultra-affordable Copilot+ PCs with its mobile 50 TOPS NPU

Steam takes down tons of porn games, cracks down on “certain kinds of adult-only content” — here’s why, and its new policy

CVE-2025-48289 – AncoraThemes Kids Planet Deserialization of Untrusted Data Object Injection Vulnerability

Chinese Hackers Target Taiwan’s Semiconductor Sector with Cobalt Strike, Custom Backdoors

Devman Claims Cyberattack on Thailand Ministry of Labour, Demands $15M Ransom

Beyond Aha Moments: Structuring Reasoning in Large Language Models

CVE-2025-7574 – LB-LINK Web Interface Improper Authentication Vulnerability

CVE-2025-4715 – Campcodes Sales and Inventory System SQL Injection Vulnerability

Chrome Security Patch Addresses WebAudio Vulnerability Allowing Code Execution

MLOps vs DevOps: Understanding the Key Differences and Synergies

Thin Fonts Are a Usability Nightmare

ChatGPT falls for a “dead grandma” scam and generates Microsoft Windows 7 activation keys — but they’re useless

Wenodo Hospitality Accounting & Bookkeeping Services

CVE-2025-48289 – AncoraThemes Kids Planet Deserialization of Untrusted Data Object Injection Vulnerability

Related Posts