Deserialization Vulnerability in NHR Options Table Manager by Nazmul Hasan Robin
CVE-2025-27301

7.2HIGH

Key Information:

Vendor: Nazmul Hasan Robin
Status: Nhr Options Table Manager
Vendor: CVE Published:; 24 February 2025

Summary

A deserialization of untrusted data vulnerability exists in the NHR Options Table Manager plugin developed by Nazmul Hasan Robin. This flaw allows for object injection, which may compromise application integrity and security, affecting versions from n/a through 1.1.2. Users of this plugin should take immediate action to mitigate potential risks.

Affected Version(s)

NHR Options Table Manager <= 1.1.2

References

https://patchstack.com/database/wordpress/plugin/nhrrob-o...

vdb-entry

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 24, 2025
Vulnerability Reserved
Feb 21, 2025

Credit

Phan Trong Quan - VNPT Cyber Immunity (Patchstack Alliance)