CVE-2025-49073
BaseFortify
Publication date: 2025-06-06
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| axiomthemes | sweet_dessert | to 1.1.13 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-502 | The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-49073 is a high-severity PHP Object Injection vulnerability in the WordPress Sweet Dessert theme versions before 1.1.13. It allows unauthenticated attackers to inject malicious PHP objects, potentially leading to code injection, SQL injection, path traversal, denial of service, and other attacks if a suitable Property Oriented Programming (POP) chain is available. This means attackers can exploit the way the theme deserializes untrusted data to execute harmful actions on the affected website. [1]
How can this vulnerability impact me? :
This vulnerability can have severe impacts including unauthorized code execution, database compromise through SQL injection, file system access via path traversal, denial of service, and other malicious activities. Since it requires no authentication to exploit, any attacker can potentially take control of the affected website, leading to data breaches, service disruption, and further exploitation. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves monitoring for signs of PHP Object Injection attacks targeting the Sweet Dessert theme prior to version 1.1.13. Since the vulnerability allows unauthenticated attackers to exploit PHP Object Injection, network or system administrators should look for unusual HTTP requests containing serialized PHP objects or suspicious payloads in POST or GET parameters. Specific commands are not provided in the resources, but general approaches include using web application firewalls (WAF) with rules to detect PHP object injection patterns, inspecting web server logs for suspicious requests, and employing server-side malware scanning as recommended. Plugin-based malware scanners are not reliable for this vulnerability. Patchstack provides a virtual patch that blocks attacks, which can also aid in detection by logging blocked attempts. [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to update the Sweet Dessert WordPress theme to version 1.1.13 or later, where the vulnerability is fixed. Until the update can be applied, it is strongly recommended to deploy the Patchstack virtual patch (vPatch), which automatically blocks exploitation attempts without impacting performance. Additionally, if a site is suspected to be compromised, professional incident response and server-side malware scanning should be performed. Reliance on plugin-based malware scanners is discouraged as attackers can tamper with them. [1]