{"id":59596,"date":"2025-07-23T22:53:59","date_gmt":"2025-07-23T22:53:59","guid":{"rendered":""},"modified":"2025-09-27T08:15:07","modified_gmt":"2025-09-27T14:15:07","slug":"cve-2025-31422-deserialization-of-untrusted-data-vulnerability-in-visual-art-gallery-wordpress-theme","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-31422-deserialization-of-untrusted-data-vulnerability-in-visual-art-gallery-wordpress-theme\/","title":{"rendered":"CVE-2025-31422: Deserialization of Untrusted Data Vulnerability in Visual Art | Gallery WordPress Theme<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

In the ever-evolving landscape of cybersecurity, new vulnerabilities are discovered every day. One such vulnerability, recently unveiled, is the CVE-2025-31422, which specifically affects the designthemes Visual Art | Gallery WordPress Theme. This vulnerability is caused by the deserialization of untrusted data<\/a> that allows object injection, thereby leading to potential system compromise or data leakage.
\nThis vulnerability is of significant importance due to the wide usage of WordPress<\/a> as a content management system worldwide. It affects all versions of the Visual Art | Gallery WordPress Theme, opening up the possibility of a threat actor exploiting this vulnerability to potentially compromise<\/a> a large number of websites or leak sensitive data.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2025-31422
\nSeverity: High (CVSS Score: 8.8)
\nAttack Vector: Network
\nPrivileges Required: Low
\nUser Interaction: None
\nImpact: System Compromise, Data Leakage<\/a><\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n A new way to communicate\r\n <\/h2>\r\n\r\n

\r\n Ameeba Chat is built on encrypted identity, not personal profiles.\r\n <\/p>\r\n\r\n

\r\n Message, call, share files, and coordinate with identities kept separate.\r\n <\/p>\r\n\r\n