CVE-2025-0841 | Aridius XYZ up to 20240927 on OpenCart News loadMore deserialization
CVE-2025-0841 | Aridius XYZ up to 20240927 on OpenCart News loadMore deserialization
A vulnerability has been found in Aridius XYZ up to 20240927 on OpenCart and classified as critical. This vulnerability affects the functionloadMore
of the component News. The manipulation leads to deserialization.
This vulnerability was named CVE-2025-0841. The attack can be initiated remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
Son Yazılar
- CVE-2025-26763 | MetaSlider Responsive Slider Plugin up to 3.94.0 on WordPress deserialization
- CVE-2025-26776 | Chaty Pro Plugin up to 3.3.3 on WordPress unrestricted upload
- CVE-2025-26764 | enituretechnology Distance Based Shipping Calculator Plugin up to 2.0.22 on WordPress authorization
- CVE-2025-27012 | a1post A1POST.BG Shipping for Woo Plugin up to 1.5.1 on WordPress cross-site request forgery
- CVE-2025-26760 | Wow-Company Calculator Builder Plugin up to 1.6.2 on WordPress filename control
- CVE-2025-26757 | FULL SERVICES FULL Customer Plugin up to 3.1.26 on WordPress filename control
- CVE-2025-26774 | Rock Solid Responsive Modal Builder for High Conversion Plugin cross site scripting
- CVE-2025-26973 | WarfarePlugins Social Warfare Plugin up to 4.5.4 on WordPress cross site scripting
- CVE-2025-26756 | grimdonkey Magic the Gathering Card Tooltips Plugin up to 3.5.0 on WordPress cross site scripting
- CVE-2025-26750 | appsbd Vitepos Plugin up to 3.1.3 on WordPress authorization