cleantalk
Vulnerabilities and Security Researches

Polylang, CVE-2025-64353

CVE, Research URL

CVE-2025-64353

Home page URL

Security reports for Polylang

Application

Polylang

Published on
Oct 31, 2025
Research Description
Deserialization of Untrusted Data vulnerability in Chouby Polylang polylang allows Object Injection.This issue affects Polylang: from n/a through <= 3.7.3.
Affected versions
max 3.7.4.
Status
vulnerable
Previous vulnerability researches
Supertext Translation and Proofreading (CVE-2025-47639) , May 09, 2025
Theme and plugin translation for Polylang (TTfP) (CVE-2022-4169) , Jun 07, 2024
Polylang (CVE-2014-4855) , Jun 06, 2024
Polylang (CVE-2025-64353) , Dec 10, 2025
Polylang , Jan 16, 2025
New vulnerability
Media Library Assistant (CVE-2025-63065) , Jan 09, 2026
Newsletter &#8211; Send awesome emails from WordPress (CVE-2025-67999) , Jan 09, 2026
URL Shortify &#8211; Simple, Powerful and Easy URL Shortener Plugin For WordPress (CVE-2025-12684) , Jan 09, 2026
URL Shortify &#8211; Simple, Powerful and Easy URL Shortener Plugin For WordPress (CVE-2025-13355) , Jan 09, 2026
All in One SEO – Best WordPress SEO Plugin – Easily Improve SEO Rankings & Increase Traffic (CVE-2025-12847) , Jan 09, 2026