Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.8
PeakShops Untrusted Data Can Cause Unintended Code Execution
CVE-2025-69294
Summary
The PeakShops plugin for WordPress may allow an attacker to execute malicious code by manipulating how data is processed. This affects all versions up to 1.5.9. To protect your site, update to a fixed version of PeakShops as soon as possible.
Original title
Deserialization of Untrusted Data vulnerability in fuelthemes PeakShops peakshops allows Object Injection.This issue affects PeakShops: from n/a through <= 1.5.9.
Original description
Deserialization of Untrusted Data vulnerability in fuelthemes PeakShops peakshops allows Object Injection.This issue affects PeakShops: from n/a through <= 1.5.9.
nvd CVSS3.1
8.8
Vulnerability type
CWE-502
Deserialization of Untrusted Data
Published: 20 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026