{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-22475", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2026-01-07T13:44:16.750Z", "datePublished": "2026-03-05T05:53:46.895Z", "dateUpdated": "2026-04-28T17:18:19.761Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "estate", "product": "Estate", "vendor": "axiomthemes", "versions": [{"lessThanOrEqual": "1.3.4", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Tran Nguyen Bao Khanh (VCI - VNPT Cyber Immunity) | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-01T16:04:52.870Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Deserialization of Untrusted Data vulnerability in axiomthemes Estate estate allows Object Injection.<p>This issue affects Estate: from n/a through <= 1.3.4.</p>"}], "value": "Deserialization of Untrusted Data vulnerability in axiomthemes Estate estate allows Object Injection.This issue affects Estate: from n/a through <= 1.3.4."}], "impacts": [{"capecId": "CAPEC-586", "descriptions": [{"lang": "en", "value": "Object Injection"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-502", "description": "Deserialization of Untrusted Data", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-28T16:14:44.956Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Theme/estate/vulnerability/wordpress-estate-theme-1-3-4-php-object-injection-vulnerability?_s_id=cve"}], "title": "WordPress Estate theme <= 1.3.4 - PHP Object Injection vulnerability"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-09T15:21:49.720359Z", "id": "CVE-2026-22475", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-28T17:18:19.761Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-22475", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-09T15:21:49.720359Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-09T15:21:42.786Z"}}], "cna": {"title": "WordPress Estate theme <= 1.3.4 - PHP Object Injection vulnerability", "credits": [{"lang": "en", "type": "finder", "value": "Tran Nguyen Bao Khanh (VCI - VNPT Cyber Immunity) | Patchstack Bug Bounty Program"}], "impacts": [{"capecId": "CAPEC-586", "descriptions": [{"lang": "en", "value": "Object Injection"}]}], "affected": [{"vendor": "axiomthemes", "product": "Estate", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "1.3.4"}], "packageName": "estate", "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected"}], "datePublic": "2026-04-01T16:04:52.870Z", "references": [{"url": "https://patchstack.com/database/Wordpress/Theme/estate/vulnerability/wordpress-estate-theme-1-3-4-php-object-injection-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "descriptions": [{"lang": "en", "value": "Deserialization of Untrusted Data vulnerability in axiomthemes Estate estate allows Object Injection.This issue affects Estate: from n/a through <= 1.3.4.", "supportingMedia": [{"type": "text/html", "value": "Deserialization of Untrusted Data vulnerability in axiomthemes Estate estate allows Object Injection.<p>This issue affects Estate: from n/a through <= 1.3.4.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-502", "description": "Deserialization of Untrusted Data"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-01T14:13:59.041Z"}}}, "cveMetadata": {"cveId": "CVE-2026-22475", "state": "PUBLISHED", "dateUpdated": "2026-04-01T14:13:59.041Z", "dateReserved": "2026-01-07T13:44:16.750Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2026-03-05T05:53:46.895Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Deserialization of Untrusted Data vulnerability in axiomthemes Estate estate allows Object Injection.This issue affects Estate: from n/a through <= 1.3.4."}, {"lang": "es", "value": "Vulnerabilidad de deserializaci\u00f3n de datos no confiables en axiomthemes Estate estate permite la inyecci\u00f3n de objetos. Este problema afecta a Estate: desde n/d hasta &lt;= 1.3.4."}], "id": "CVE-2026-22475", "lastModified": "2026-04-22T21:26:58.303", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-05T06:16:21.163", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Theme/estate/vulnerability/wordpress-estate-theme-1-3-4-php-object-injection-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-502"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.3.4]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "product": "estate", "vendor": "axiomthemes"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-04-16T05:18:53.525924+00:00", "value": {"mitigation_remediation": ["Upgrade the Estate theme to the latest version that incorporates the fix for this deserialization flaw.", "If the theme is no longer required, deactivate or uninstall it entirely from the WordPress installation.", "Restrict access to WordPress administrative features and ensure that plugins or custom code do not expose deserialization points; consider implementing input validation or removal of the vulnerable deserialization routine as an additional safeguard."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "The Estate theme by axiomthemes for WordPress is affected. All released versions from the earliest available through version 1.3.4 are vulnerable. Only installations using a newer version or a different theme are immune.", "description_and_impact": "The vulnerability is a deserialization of untrusted data flaw that allows an attacker to perform object injection and subsequently execute arbitrary code on the affected system. It is classed as CWE\u2011502, indicating that untrusted serialized data is improperly handled. If exploited, an attacker can gain complete control of the WordPress site, leading to data confidentiality and integrity compromise, and the ability to modify, delete, or exfiltrate content.", "risk_and_exploitability": "The CVSS score is 9.8, classifying the vulnerability as critical. The EPSS score is below 1\u202f%, indicating a very low current exploitation probability. The issue is not listed in CISA\u2019s KEV catalog. The attack vector is not explicitly detailed in the advisory; based on the description it is inferred that exploitation can occur via any input path that the Estate theme processes, such as form submissions or administrative actions within WordPress. The flaw allows remote attackers with write access to the theme\u2019s data handling routines to inject malicious objects."}}}}, "created": "2026-03-06T15:13:58.339728+00:00", "updated": "2026-04-16T05:30:25.787048+00:00", "vendors": ["axiomthemes", "axiomthemes$PRODUCT$estate", "wordpress", "wordpress$PRODUCT$wordpress"]}