CVE-2026-32502
Received Received - Intake
Deserialization Object Injection in Borgholm Theme

Publication date: 2026-03-25

Last updated on: 2026-03-26

Assigner: Patchstack

Description
Deserialization of Untrusted Data vulnerability in Select-Themes Borgholm borgholm-marketing-agency-theme allows Object Injection.This issue affects Borgholm: from n/a through < 1.6.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-25
Last Modified
2026-03-26
Generated
2026-06-16
AI Q&A
2026-03-25
EPSS Evaluated
2026-06-15
NVD
CVE-2026-32502
EUVD
EUVD-2026-15854
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
borgholm borgholm_marketing_agency_theme to 1.6 (exc)
select-themes borgholm_marketing_agency_theme to 1.6 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-502 The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-32502 is a high-priority PHP Object Injection vulnerability found in the WordPress Borgholm Theme versions prior to 1.6. It allows unauthenticated attackers to inject malicious PHP objects by exploiting deserialization of untrusted data. This can lead to severe impacts such as code injection, SQL injection, path traversal, denial of service, and other attacks if a suitable Property Oriented Programming (POP) chain is available.

The vulnerability requires no privileges to exploit and falls under the OWASP Top 10 category A3: Injection. It was reported on January 20, 2026, and patched in version 1.6 of the theme.

Impact Analysis

This vulnerability can have severe impacts including unauthorized code execution, SQL injection, path traversal, and denial of service on websites using vulnerable versions of the Borgholm Theme. Attackers can exploit it without any authentication, potentially compromising the entire website.

Due to its high severity and ease of exploitation, it is expected to be targeted in mass attack campaigns affecting many websites regardless of their traffic or popularity.

Detection Guidance

This vulnerability affects WordPress Borgholm Theme versions prior to 1.6 and involves PHP Object Injection exploitable without authentication.

Detection can involve checking the version of the Borgholm Theme installed on your WordPress site to see if it is older than 1.6.

Additionally, monitoring for suspicious HTTP requests that attempt to exploit PHP Object Injection patterns could help detect attacks.

Patchstack provides an automatic mitigation rule that can be used to block attacks targeting this vulnerability, which may also assist in detection.

Specific commands are not provided in the resources, but you can check the theme version via WP-CLI with a command like: wp theme list --status=active

Network monitoring tools or web application firewalls (WAFs) with rules for PHP Object Injection attempts can be used to detect exploitation attempts.

Mitigation Strategies

The immediate and recommended mitigation is to update the Borgholm Theme to version 1.6 or later, where the vulnerability is patched.

Until the update can be applied, Patchstack provides an automatic mitigation rule that can block attacks targeting this vulnerability.

Applying such mitigation rules via a web application firewall or security plugin can reduce the risk of exploitation.

Prompt remediation is critical due to the high severity and likelihood of mass exploitation campaigns.

Compliance Impact

The provided information does not specify how the CVE-2026-32502 vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-32502. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart