Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
SevenHills Theme: Untrusted Data Can Inject Malicious Objects
CVE-2025-69372
Summary
The SevenHills theme for WordPress has a security issue that allows an attacker to inject malicious code. This could allow an attacker to take control of the website. Update to the latest version of the theme to fix this issue.
Original title
Deserialization of Untrusted Data vulnerability in AncoraThemes SevenHills sevenhills allows Object Injection.This issue affects SevenHills: from n/a through <= 1.6.2.
Original description
Deserialization of Untrusted Data vulnerability in AncoraThemes SevenHills sevenhills allows Object Injection.This issue affects SevenHills: from n/a through <= 1.6.2.
nvd CVSS3.1
9.8
Vulnerability type
CWE-502
Deserialization of Untrusted Data
Published: 20 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026