VictorThemes Seil Theme Deserialization of Untrusted Data Vulnerability Allowing Object Injection

Vulnerability

A deserialization of untrusted data vulnerability has been identified in VictorThemes Seil theme versions through 1.7.1. This vulnerability allows for object injection, which could be exploited to manipulate objects in a way that may lead to further attacks or exploitation.

Impact

Exploitation of this vulnerability could lead to object injection, allowing attackers to manipulate objects and potentially execute arbitrary code or conduct other malicious activities, depending on the application's context and how it handles the injected objects.

Added: Nov 6, 2025, 4:57 PM

Updated: Nov 6, 2025, 9:22 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

0.9

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

0.9

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

VictorThemes Seil Theme Deserialization of Untrusted Data Vulnerability Allowing Object Injection

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating