CVE-2025-5497 | slackero phpwcms up to 1.9.45/1.10.8 Feedimport Module processing.inc.php cnt_text deserialization

A vulnerability was found in slackero phpwcms up to 1.9.45/1.10.8. It has been declared as critical. This vulnerability affects unknown code of the file include/inc_module/mod_feedimport/inc/processing.inc.php of the component Feedimport Module. The manipulation of the argument cnt_text leads to deserialization.

This vulnerability was named CVE-2025-5497. The attack can be initiated remotely. Furthermore, there is an exploit available.

It is recommended to upgrade the affected component.

CVE-2025-5497 | slackero phpwcms up to 1.9.45/1.10.8 Feedimport Module processing.inc.php cnt_text deserialization

Post correlati

CVE-2024-2226 | Otter Block Plugin up to 2.6.4 on WordPress cross site scripting

CVE-2024-1779 | Admin Side Data Storage for Contact Form 7 Plugin up to 1.1.1 on WordPress Read Status Update authorization

OpenReplay Account Setting cross site scripting (GHSA-xpfv-454c-3fj4)

CVE-2023-38520 | Pinpoint Booking System Plugin up to 2.9.9.3.4 on WordPress unknown vulnerability