CVE-2025-0841 | Aridius XYZ up to 20240927 on OpenCart News loadMore deserialization

Posted by Angelo Barbosa | Jan 29, 2025 | CVE

A vulnerability has been found in Aridius XYZ up to 20240927 on OpenCart and classified as critical. This vulnerability affects the function loadMore of the component News. The manipulation leads to deserialization.

This vulnerability was named CVE-2025-0841. The attack can be initiated remotely. Furthermore, there is an exploit available.

It is recommended to upgrade the affected component.

CVE-2025-0841 | Aridius XYZ up to 20240927 on OpenCart News loadMore deserialization

Related Posts

CVE-2024-38734 | SpreadsheetConverter Import Spreadsheets from Microsoft Excel Plugin up to 10.1.4 on WordPress unrestricted upload

CVE-2024-52584 | Autolab 3.0.1 authorization (GHSA-rjg4-cf66-x6gr)

CVE-2024-1636 | Progress Sitefinity prior 13.3.7649/14.4.8135/15.0.8227 Page Editing Area cross site scripting

CVE-2023-44142 | Inactive Logout Plugin up to 3.2.2 on WordPress authorization