CVE-2025-60237 | Themeton Finag Plugin up to 1.5.0 on WordPress deserialization

Inserito da Angelo Barbosa | Mar 19, 2026 | CVE

A vulnerability categorized as critical has been discovered in Themeton Finag Plugin up to 1.5.0 on WordPress. The impacted element is an unknown function. Executing a manipulation can lead to deserialization.

This vulnerability appears as CVE-2025-60237. The attack may be performed from remote. There is no available exploit.

CVE-2025-60237 | Themeton Finag Plugin up to 1.5.0 on WordPress deserialization

Post correlati

CVE-2025-4537 | yangzongzhuan RuoYi-Vue up to 3.8.9 Password login.vue sensitive information in a cookie

CVE-2025-11648 | Tomofun Furbo 360/Furbo Mini GATT Interface URL TF_FQDN.json server-side request forgery

VDB-278462 | Google Document AI permission

CVE-2024-30038 | Microsoft Windows up to Server 2022 23H2 Win32k heap-based overflow