{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-67996", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2025-12-15T10:00:44.501Z", "datePublished": "2026-02-20T15:46:33.328Z", "dateUpdated": "2026-04-28T19:33:05.319Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://themeforest.net", "defaultStatus": "unaffected", "packageName": "nestin", "product": "Nestin", "vendor": "BoldThemes", "versions": [{"changes": [{"at": "1.2.6", "status": "unaffected"}], "lessThanOrEqual": "1.2.6", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Jo\u00e3o Pedro S Alc\u00e2ntara (Kinorth) | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-01T16:02:17.622Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Deserialization of Untrusted Data vulnerability in BoldThemes Nestin nestin allows Object Injection.<p>This issue affects Nestin: from n/a through < 1.2.6.</p>"}], "value": "Deserialization of Untrusted Data vulnerability in BoldThemes Nestin nestin allows Object Injection.This issue affects Nestin: from n/a through < 1.2.6."}], "impacts": [{"capecId": "CAPEC-586", "descriptions": [{"lang": "en", "value": "Object Injection"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-502", "description": "Deserialization of Untrusted Data", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-28T16:14:25.272Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Theme/nestin/vulnerability/wordpress-nestin-theme-1-2-6-php-object-injection-vulnerability?_s_id=cve"}], "title": "WordPress Nestin theme < 1.2.6 - PHP Object Injection vulnerability"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-24T20:59:20.485674Z", "id": "CVE-2025-67996", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-28T19:33:05.319Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-67996", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-02-24T20:59:20.485674Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-24T20:58:36.056Z"}}], "cna": {"title": "WordPress Nestin theme < 1.2.6 - PHP Object Injection vulnerability", "credits": [{"lang": "en", "type": "finder", "value": "Jo\u00e3o Pedro S Alc\u00e2ntara (Kinorth) | Patchstack Bug Bounty Program"}], "impacts": [{"capecId": "CAPEC-586", "descriptions": [{"lang": "en", "value": "Object Injection"}]}], "affected": [{"vendor": "BoldThemes", "product": "Nestin", "versions": [{"status": "affected", "changes": [{"at": "1.2.6", "status": "unaffected"}], "version": "n/a", "versionType": "custom", "lessThanOrEqual": "< 1.2.6"}], "packageName": "nestin", "collectionURL": "https://themeforest.net", "defaultStatus": "unaffected"}], "datePublic": "2026-02-20T16:44:02.501Z", "references": [{"url": "https://patchstack.com/database/Wordpress/Theme/nestin/vulnerability/wordpress-nestin-theme-1-2-6-php-object-injection-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "descriptions": [{"lang": "en", "value": "Deserialization of Untrusted Data vulnerability in BoldThemes Nestin nestin allows Object Injection.This issue affects Nestin: from n/a through < 1.2.6.", "supportingMedia": [{"type": "text/html", "value": "Deserialization of Untrusted Data vulnerability in BoldThemes Nestin nestin allows Object Injection.<p>This issue affects Nestin: from n/a through < 1.2.6.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-502", "description": "Deserialization of Untrusted Data"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-02-20T15:46:33.328Z"}}}, "cveMetadata": {"cveId": "CVE-2025-67996", "state": "PUBLISHED", "dateUpdated": "2026-02-24T20:59:31.083Z", "dateReserved": "2025-12-15T10:00:44.501Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2026-02-20T15:46:33.328Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Deserialization of Untrusted Data vulnerability in BoldThemes Nestin nestin allows Object Injection.This issue affects Nestin: from n/a through < 1.2.6."}, {"lang": "es", "value": "Vulnerabilidad de deserializaci\u00f3n de datos no confiables en BoldThemes Nestin nestin permite la inyecci\u00f3n de objetos. Este problema afecta a Nestin: desde n/d hasta &lt; 1.2.6."}], "id": "CVE-2025-67996", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-02-20T16:22:05.907", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Theme/nestin/vulnerability/wordpress-nestin-theme-1-2-6-php-object-injection-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-502"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.2.6)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Nestin", "source": "cna", "vendor": "BoldThemes"}, "product": "nestin", "vendor": "boldthemes"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-04-27T20:51:51.629511+00:00", "value": {"mitigation_remediation": ["Upgrade the Nestin theme to version 1.2.6 or later, which fixes the deserialization flaw.", "If an immediate upgrade is not possible, disable the Nestin theme or switch to a different, secure theme to eliminate the attack surface.", "Review any custom code that processes serialized data in the theme and ensure that only trusted data is deserialized, or remove such calls altogether."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "Any instance of the BoldThemes Nestin theme with a version prior to 1.2.6 is impacted. This includes all versions listed as n/a through <1.2.6, meaning any deployment running a Nestin theme version older than 1.2.6 is vulnerable. WordPress sites that have not applied the 1.2.6 update remain at risk.", "description_and_impact": "The vulnerability is a deserialization of untrusted data flaw in the BoldThemes Nestin WordPress theme that permits PHP Object Injection. This can enable an attacker to instantiate arbitrary PHP objects and potentially execute remote code, leading to complete compromise of the affected WordPress site. The weakness is classified as CWE\u2011502, which denotes insecure deserialization.", "risk_and_exploitability": "The CVSS score of 9.8 indicates a critical severity, and while the EPSS score of <1% suggests a very low current exploitation probability, the absence of the vulnerability from the CISA KEV list means there are no known large-scale active attacks. The likely attack vector is through the theme\u2019s processing of user-supplied serialized data, such as form submissions or query parameters. An attacker who can inject malicious serialized payloads may trigger arbitrary code execution on the server."}}}}, "created": "2026-02-23T14:46:01.013038+00:00", "updated": "2026-04-27T21:00:13.158315+00:00", "vendors": ["boldthemes", "boldthemes$PRODUCT$nestin", "wordpress", "wordpress$PRODUCT$wordpress"]}