CVE-2025-67996 | Nestin Plugin up to 1.2.5 on WordPress deserialization

February 19, 2026 Yanac

A vulnerability categorized as critical has been discovered in Nestin Plugin up to 1.2.5 on WordPress. This affects an unknown part. Executing a manipulation can lead to deserialization.

This vulnerability is tracked as CVE-2025-67996. The attack can be launched remotely. No exploit exists.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More

CVE-2026-2819 | Dromara RuoYi-Vue-Plus up to 5.5.3 Workflow deleteByInstanceIds SaServletFilter authorization
CVE-2025-69398 | Plank Plugin up to 1.7 on WordPress file inclusion