{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-69370", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2025-12-31T20:12:41.876Z", "datePublished": "2026-02-20T15:46:51.123Z", "dateUpdated": "2026-04-28T20:55:57.311Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://themeforest.net", "defaultStatus": "unaffected", "packageName": "capella", "product": "Capella", "vendor": "ThemeGoods", "versions": [{"lessThanOrEqual": "2.5.5", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Tran Nguyen Bao Khanh (VCI - VNPT Cyber Immunity) | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-01T16:04:44.144Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Deserialization of Untrusted Data vulnerability in ThemeGoods Capella capella allows Object Injection.<p>This issue affects Capella: from n/a through <= 2.5.5.</p>"}], "value": "Deserialization of Untrusted Data vulnerability in ThemeGoods Capella capella allows Object Injection.This issue affects Capella: from n/a through <= 2.5.5."}], "impacts": [{"capecId": "CAPEC-586", "descriptions": [{"lang": "en", "value": "Object Injection"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-502", "description": "Deserialization of Untrusted Data", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-28T16:14:39.060Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Theme/capella/vulnerability/wordpress-capella-theme-2-5-5-php-object-injection-vulnerability?_s_id=cve"}], "title": "WordPress Capella theme <= 2.5.5 - PHP Object Injection vulnerability"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-24T21:00:11.691335Z", "id": "CVE-2025-69370", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-28T20:55:57.311Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-69370", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-02-24T21:00:11.691335Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-24T21:00:13.292Z"}}], "cna": {"title": "WordPress Capella theme <= 2.5.5 - PHP Object Injection vulnerability", "credits": [{"lang": "en", "type": "finder", "value": "Tran Nguyen Bao Khanh (VCI - VNPT Cyber Immunity) | Patchstack Bug Bounty Program"}], "impacts": [{"capecId": "CAPEC-586", "descriptions": [{"lang": "en", "value": "Object Injection"}]}], "affected": [{"vendor": "ThemeGoods", "product": "Capella", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "2.5.5"}], "packageName": "capella", "collectionURL": "https://themeforest.net", "defaultStatus": "unaffected"}], "datePublic": "2026-04-01T16:04:44.144Z", "references": [{"url": "https://patchstack.com/database/Wordpress/Theme/capella/vulnerability/wordpress-capella-theme-2-5-5-php-object-injection-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "descriptions": [{"lang": "en", "value": "Deserialization of Untrusted Data vulnerability in ThemeGoods Capella capella allows Object Injection.This issue affects Capella: from n/a through <= 2.5.5.", "supportingMedia": [{"type": "text/html", "value": "Deserialization of Untrusted Data vulnerability in ThemeGoods Capella capella allows Object Injection.<p>This issue affects Capella: from n/a through <= 2.5.5.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-502", "description": "Deserialization of Untrusted Data"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-01T14:13:24.105Z"}}}, "cveMetadata": {"cveId": "CVE-2025-69370", "state": "PUBLISHED", "dateUpdated": "2026-04-01T14:13:24.105Z", "dateReserved": "2025-12-31T20:12:41.876Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2026-02-20T15:46:51.123Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Deserialization of Untrusted Data vulnerability in ThemeGoods Capella capella allows Object Injection.This issue affects Capella: from n/a through <= 2.5.5."}, {"lang": "es", "value": "Vulnerabilidad de deserializaci\u00f3n de datos no confiables en ThemeGoods Capella capella permite la inyecci\u00f3n de objetos. Este problema afecta a Capella: desde n/a hasta &lt;= 2.5.5."}], "id": "CVE-2025-69370", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-02-20T16:22:21.153", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Theme/capella/vulnerability/wordpress-capella-theme-2-5-5-php-object-injection-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-502"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,2.5.5]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "product": "capella", "vendor": "themegoods"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-04-27T20:27:48.173381+00:00", "value": {"mitigation_remediation": ["Upgrade the Capella theme to the latest available release (at least version 2.5.6).", "Verify that the WordPress core and all plugins are updated to their latest versions to avoid potential secondary deserialization vectors.", "If an immediate upgrade is not possible, deactivate or remove the Capella theme from the WordPress installation until a patched version can be applied."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "This vulnerability affects the Capella theme from all unreleased releases through version 2.5.5. Any WordPress installation that has this theme or any older version deployed is potentially compromised. The vendor is ThemeGoods, and the product is the Capella WordPress theme.", "description_and_impact": "The Capella theme contains a deserialization flaw that allows an attacker to inject malicious PHP objects. Because the theme processes untrusted serialized data, an attacker can craft a payload that, when deserialized, results in arbitrary code execution on the host server. The flaw is identified as CWE\u2011502 and is rated with a CVSS score of 9.8, indicating a severe threat to confidentiality, integrity, and availability.", "risk_and_exploitability": "The EPSS score of less than 1% suggests that the broader exploit probability is low, yet the high CVSS 9.8 severity signals that exploitation would be immediately damaging. The attack path does not require special environmental conditions; any legitimate route that triggers the theme\u2019s deserialization logic can be abused. The vulnerability is not currently in the CISA KEV catalog, but an attacker could still target active installations if a malicious file or plugin supply chain path is available."}}}}, "created": "2026-02-23T14:37:22.639793+00:00", "updated": "2026-04-27T20:30:12.277081+00:00", "vendors": ["themegoods", "themegoods$PRODUCT$capella", "wordpress", "wordpress$PRODUCT$wordpress"]}