cleantalk
Vulnerabilities and Security Researches

Polylang, CVE-2025-64353

CVE, Research URL

CVE-2025-64353

Home page URL

Security reports for Polylang

Application

Polylang

Published on
Oct 31, 2025
Research Description
Deserialization of Untrusted Data vulnerability in Chouby Polylang polylang allows Object Injection.This issue affects Polylang: from n/a through <= 3.7.3.
Affected versions
max 3.7.4.
Status
vulnerable
Previous vulnerability researches
WooCommerce Loyal Customers (CVE-2025-32544) , Apr 15, 2025
New vulnerability
Contact Form Builder Plugin: Multi Step Contact Form, Payment Form, Custom Contact Form Plugin by Bit Form (CVE-2026-25418) , Feb 28, 2026
Image Photo Gallery Final Tiles Grid (CVE-2026-25375) , Feb 28, 2026
Share This Image (CVE-2026-25010) , Feb 28, 2026
Bold Page Builder (CVE-2026-25451) , Feb 28, 2026
Bold Page Builder (CVE-2025-13463) , Feb 28, 2026