CVE-2025-47568

Unknown CVSS: -

Deserialization of Untrusted Data vulnerability in ZoomIt ZoomSounds dzs-zoomsounds allows Object Injection.This issue affects ZoomSounds: from n/a through <= 6.91.

Vendor

Digitalzoomstudio

Product

Zoomsounds

CWE

CWE-502

Yayın Tarihi

2025-05-23 13:15:39

Güncelleme

2026-04-01 17:24:04

Source Identifier

audit@patchstack.com

KEV Date Added

Kategoriler

CWE-502 Zoomsounds Digitalzoomstudio 2025

Referanslar

https://patchstack.com/database/Wordpress/Plugin/dzs-zoomsounds/vulnerability/wordpress-zoomsounds-plugin-6-91-php-object-injection-vulnerability?_s_id=cve

Benzer Kayıtlar

Critical

CVE-2021-4457

The ZoomSounds plugin before 6.05 contains a PHP file allowing unauthenticated users to upload an arbitrary file anywher…

High

CVE-2025-3431

The ZoomSounds - WordPress Wave Audio Player with Playlist plugin for WordPress is vulnerable to Arbitrary File Read in…

Medium

CVE-2025-0839

The ZoomSounds plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and i…

High

CVE-2024-13776

The ZoomSounds - WordPress Wave Audio Player with Playlist plugin for WordPress is vulnerable to unauthorized modificati…

High

CVE-2024-13777

The ZoomSounds - WordPress Wave Audio Player with Playlist plugin for WordPress is vulnerable to PHP Object Injection in…