Vulnerabilities > CVE-2025-48134 - Deserialization of Untrusted Data vulnerability in Shapedplugin WP Tabs

047910
CVSS 7.2 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
HIGH
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
shapedplugin
CWE-502
NVD
Published: 2025-05-16
Updated: 2025-05-30

Summary

Deserialization of Untrusted Data vulnerability in ShapedPlugin LLC WP Tabs allows Object Injection. This issue affects WP Tabs: from n/a through 2.2.11.

Vulnerable Configurations

Part Description Count
Application
Shapedplugin
47

Common Weakness Enumeration (CWE)

References