VYPR

Education

by WordPress

CVEs (1)

  • CVE-2024-13786CriJul 2, 2025
    risk 0.64cvss 9.8epss 0.01

    The education theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.6.10 via deserialization of untrusted input in the 'themerex_callback_view_more_posts' function. This makes it possible for unauthenticated attackers to inject a PHP…