Intruder logoIntruder logo

Insights

CVE-2025-23944

Published Jan 22, 2025

Last updated 4 months ago

CVSS high 8.8
  1. Overview

  2. Scores

  3. Weaknesses

  4. Social media

  5. References

Overview

Description
Deserialization of Untrusted Data vulnerability in WOOEXIM.COM WOOEXIM allows Object Injection. This issue affects WOOEXIM: from n/a through 5.0.0.
Source
audit@patchstack.com
NVD status
Received

Risk scores

CVSS 3.1

Type
Secondary
Base score
8.8
Impact score
5.9
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

audit@patchstack.com
CWE-502

Social media

Hype score
Not currently trending
  1. CVE-2025-23944 Deserialization of Untrusted Data vulnerability in https://t.co/KyyGxqMtvp WOOEXIM allows Object Injection. This issue affects WOOEXIM: from n/a through 5.0.0. https://t.co/K5aqx3dw7V

    @CVEnew

    22 Jan 2025

    138 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  2. [CVE-2025-23944: HIGH] Deserialization of Untrusted Data vulnerability in https://t.co/FndbOSz6no WOOEXIM allows Object Injection. This issue affects WOOEXIM: from n/a through 5.0.0.#cybersecurity,#vulnerability https://t.co/coi1W0XtiP https://t.co/uC4ZMJgn2D

    @CveFindCom

    22 Jan 2025

    34 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.

  • https://nvd.nist.gov/vuln/detail/CVE-2025-23944
  • https://patchstack.com/database/wordpress/plugin/wooexim/vulnerability/wordpress-wooexim-plugin-5-0-0-php-object-injection-vulnerability?_s_id=cve
TRY INTRUDER
Intruder logo

© 2025 Intruder Systems Ltd.

AboutPrivacySitemapFeeds