CVE-2025-60215 | designthemes Kriya Plugin up to 3.4 on WordPress deserialization

October 22, 2025 Yanac

A vulnerability identified as critical has been detected in designthemes Kriya Plugin up to 3.4 on WordPress. This impacts an unknown function. This manipulation causes deserialization.

The identification of this vulnerability is CVE-2025-60215. It is possible to initiate the attack remotely. There is no exploit available.VulDB Recent EntriesRead More

CVE-2025-60216 | BoldThemes Addison Plugin up to 1.4.2 on WordPress deserialization
CVE-2025-59571 | purethemes WorkScout-Core Plugin up to 1.7.06 on WordPress cross site scripting