Deserialization Vulnerability in Togo Theme from uxper
CVE-2025-62035

Currently unrated

Key Information:

Vendor

WordPress
Status
Togo
Vendor
CVE Published:
6 November 2025

What is CVE-2025-62035?

A deserialization of untrusted data vulnerability in the Togo Theme developed by uxper allows an attacker to exploit the system's trust in user input. This issue primarily affects Togo Theme versions prior to 1.0.4, potentially leading to unauthorized access and manipulation of the application’s functionality.

Affected Version(s)

Togo <= n/a

References

https://vdp.patchstack.com/database/Wordpress/Theme/togo/...
vdb-entry

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Tran Nguyen Bao Khanh (VCI - VNPT Cyber Immunity) | Patchstack Bug Bounty Program
JSON
.
CVE-2025-62035 : Deserialization Vulnerability in Togo Theme from uxper