PT-2026-27981 · Themerex · Love Story

Published

2026-03-25

Updated

2026-03-29

CVE-2026-27082

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions ThemeREX Love Story versions n/a through 1.3.12

Description An issue exists in ThemeREX Love Story that allows for object injection due to deserialization of untrusted data. This impacts the application's ability to securely handle data input.

Recommendations Update ThemeREX Love Story to a version later than 1.3.12.

Fix

Deserialization of Untrusted Data

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-502

Related Identifiers

CVE-2026-27082

Affected Products

Love Story

PT-2026-27981 · Themerex · Love Story

CVE-2026-27082

Weakness Enumeration

Related Identifiers

Affected Products

References · 3