Deserialization of Untrusted Data in Themify Popup by Themify
CVE-2026-56037
8.8HIGH
What is CVE-2026-56037?
A vulnerability exists in Themify Popup, where an attacker may exploit deserialization of untrusted data to perform object injection. This flaw affects versions from n/a to 1.4.3, potentially allowing unauthorized manipulation of application functionality or execution of arbitrary code.
Affected Version(s)
Themify Popup <= 1.4.3