CVE-2025-49330 – Bigin Zoho CRM Contact Form 7 Object Injection Vulnerability

June 17, 2025

CVE ID : CVE-2025-49330

Published : June 17, 2025, 3:15 p.m. | 2 hours, 59 minutes ago

Description : Deserialization of Untrusted Data vulnerability in CRM Perks Integration for Contact Form 7 and Zoho CRM, Bigin allows Object Injection. This issue affects Integration for Contact Form 7 and Zoho CRM, Bigin: from n/a through 1.3.0.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-49508 – LoftOcean CozyStay PHP Remote File Inclusion Vulnerability

Next Article CVE-2025-49261 – ThemBay Diza PHP Remote File Inclusion Vulnerability

Highlights

CVE-2025-43846 – VITS Voice Changing Framework Remote Code Execution

May 5, 2025

CVE ID : CVE-2025-43846

Published : May 5, 2025, 6:15 p.m. | 36 minutes ago

Description : Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231006 and prior are vulnerable to unsafe deserialization. The ckpt_path1 variable takes user input (e.g. a path to a model) and passes it to the show_info function in process_ckpt.py, which uses it to load the model on that path with torch.load, which can lead to unsafe deserialization and remote code execution. As of time of publication, no known patches exist.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

ScyllaDB X Cloud’s autoscaling capabilities meet the needs of unpredictable workloads in real time

Parasoft C/C++test 2025.1, Secure Code Warrior AI Security Rules, and more – Daily News Digest

What I Wish Someone Told Me When I Was Getting Into ARIA

SD Times 100

Clair Obscur: Expedition 33 is a masterpiece, but I totally skipped parts of it (and I won’t apologize)

This Xbox game emotionally wrecked me in less than four hours… I’m going to go hug my cat now

Top 5 desktop PC case features that I can’t live without — and neither should you

‘No aggressive monetization’ — Nexus Mods’ new ownership responds to worried members

Build AI Agents That Run Your Day – While You Focus on What Matters

Build AI Agents That Run Your Day – While You Focus on What Matters

Faster Builds in Meteor 3.3: Modern Build Stack with SWC and Bundler Optimizations

How to Change Redirect After Login/Register in Laravel Breeze

Clair Obscur: Expedition 33 is a masterpiece, but I totally skipped parts of it (and I won’t apologize)

Clair Obscur: Expedition 33 is a masterpiece, but I totally skipped parts of it (and I won’t apologize)

This Xbox game emotionally wrecked me in less than four hours… I’m going to go hug my cat now

Top 5 desktop PC case features that I can’t live without — and neither should you

CVE-2025-49330 – Bigin Zoho CRM Contact Form 7 Object Injection Vulnerability

The “Infinite Workday” is Here: Microsoft Warns of Never-Ending Work Driven by Hybrid Models & AI

Mastodon Cracks Down: New Terms Ban Unauthorized AI Data Scraping

CVE-2025-47657 – Productive Minds Productive Commerce SQL Injection

How to use chatgpt4o to redesign your website

CVE-2025-4638 – PCL Zlib Inftrees Pointer Arithmetic Vulnerability

iOS 26 will bring any photo on your iPhone to life with 3D spatial effects

CVE-2025-43846 – VITS Voice Changing Framework Remote Code Execution

Transforming the future of music creation

CVE-2025-5672 – TOTOLINK N302R Plus HTTP POST Request Handler Buffer Overflow Vulnerability

The big VPN choice: System-wide or just in the browser? How to decide

CVE-2025-49330 – Bigin Zoho CRM Contact Form 7 Object Injection Vulnerability

Related Posts