CVE-2025-54001
Deserialization Object Injection in ThemeREX Classter
Publication date: 2026-03-05
Last updated on: 2026-03-05
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| themerex | classter | to 2.5 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-502 | The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-54001 is a high-priority PHP Object Injection vulnerability found in the WordPress Classter Theme versions up to and including 2.5.
This vulnerability allows unauthenticated attackers to inject malicious objects into the application, potentially enabling arbitrary code execution, SQL injection, path traversal, denial of service, and other attacks if a suitable PHP Object Injection Property Oriented Programming (POP) chain is present.
It is classified under OWASP Top 10 A3: Injection and has a critical CVSS severity score of 9.8, indicating a high likelihood of exploitation.
How can this vulnerability impact me? :
This vulnerability can have severe impacts including allowing attackers to execute arbitrary code on your server, perform SQL injection to manipulate or steal data, conduct path traversal attacks to access unauthorized files, and cause denial of service conditions.
Since the vulnerability requires no prior authentication, it can be exploited remotely by attackers without any credentials, increasing the risk to affected sites.
Without an official patch, affected users must apply mitigation rules to block attacks targeting this flaw to protect their websites.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
CVE-2025-54001 is a PHP Object Injection vulnerability affecting the WordPress Classter Theme up to version 2.5. Detection typically involves monitoring for attack patterns that exploit PHP Object Injection, such as unusual serialized PHP objects in HTTP requests.
Since no official patch is available, detection can be enhanced by applying the mitigation rule provided by Patchstack, which can block attacks targeting this vulnerability.
Specific commands are not provided in the available resources, but general detection methods include inspecting web server logs for suspicious payloads containing serialized PHP objects or unusual parameters, and using web application firewalls (WAFs) with rules targeting PHP Object Injection.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying the mitigation rule issued by Patchstack to block attacks targeting this PHP Object Injection vulnerability in the Classter WordPress theme.
Since no official patch is currently available, users are strongly advised to implement this mitigation immediately to protect their websites.
Additionally, monitoring and restricting unauthenticated access to the affected theme components and employing a web application firewall (WAF) with relevant rules can help reduce the risk of exploitation.