CVE-2023-40555

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 20, 2023

Updated: Dec 28, 2023

CWE ID 502

Summary

CVE-2023-40555: A deserialization vulnerability has been discovered in UX-themes' Flatsome, a Multi-Purpose Responsive WooCommerce Theme. This issue puts versions from n/a to 3.17.5 at risk. An attacker could exploit this vulnerability by deserializing untrusted data, potentially leading to arbitrary code execution or denial of service. Users are strongly encouraged to upgrade to a patched version as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sXPdwT
https://www.cve.org/CVERecord?id=CVE-2023-40555
https://nvd.nist.gov/vuln/detail/CVE-2023-40555

Back to Vulnerability Database

CVE-2023-40555

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations