Vulnerabilities > Potenzaglobalsolutions

DATE CVE VULNERABILITY TITLE RISK
2025-03-14 CVE-2024-13824 Deserialization of Untrusted Data vulnerability in Potenzaglobalsolutions Ciyashop
The CiyaShop - Multipurpose WooCommerce Theme theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.19.0 via deserialization of untrusted input in the 'add_ciyashop_wishlist' and 'ciyashop_get_compare' functions.
network
low complexity
potenzaglobalsolutions CWE-502
critical
9.8