BoldThemes Ippsum ippsum: Untrusted Data Can Execute Code

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

9.8

BoldThemes Ippsum ippsum: Untrusted Data Can Execute Code

CVE-2025-68541

Summary

The BoldThemes Ippsum ippsum software does not properly handle untrusted input, which can lead to malicious code being executed. This can potentially allow an attacker to take control of the affected system. Update to version 1.2.1 or later to fix this issue.

Original title

Deserialization of Untrusted Data vulnerability in BoldThemes Ippsum ippsum allows Object Injection.This issue affects Ippsum: from n/a through <= 1.2.0.

Original description

Deserialization of Untrusted Data vulnerability in BoldThemes Ippsum ippsum allows Object Injection.This issue affects Ippsum: from n/a through <= 1.2.0.

nvd CVSS3.1 9.8

Vulnerability type

CWE-502 Deserialization of Untrusted Data

https://patchstack.com/database/Wordpress/Theme/ippsum/vulnerability/wordpress-i...

Published: 20 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026