CVE-2025-64353

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Chouby Polylang versions through 3.7.3

Description The Polylang software contains a flaw related to the deserialization of untrusted data, which can lead to object injection. This issue allows for potential malicious code execution through the processing of improperly serialized data.

Recommendations Update Polylang to a version newer than 3.7.3.

Fix

Deserialization of Untrusted Data

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-502

Related Identifiers

CVE-2025-64353

Affected Products

Polylang

CVE-2025-64353

Weakness Enumeration

Related Identifiers

Affected Products

References · 6