Themesflat Elementor Theme Allows Malicious Code Injection

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

9.8

Themesflat Elementor Theme Allows Malicious Code Injection

CVE-2025-69382

Summary

A security issue in Themesflat Elementor theme allows an attacker to inject malicious code. This affects Themesflat Elementor theme versions up to 1.0.1. We recommend updating to the latest version to prevent potential security risks.

Original title

Deserialization of Untrusted Data vulnerability in themesflat Themesflat Elementor themesflat-elementor allows Object Injection.This issue affects Themesflat Elementor: from n/a through <= 1.0.1.

Original description

Deserialization of Untrusted Data vulnerability in themesflat Themesflat Elementor themesflat-elementor allows Object Injection.This issue affects Themesflat Elementor: from n/a through <= 1.0.1.

nvd CVSS3.1 9.8

Vulnerability type

CWE-502 Deserialization of Untrusted Data

https://patchstack.com/database/Wordpress/Plugin/themesflat-elementor/vulnerabil...

Published: 20 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026