A high-severity vulnerability has been identified in the Visual Art | Gallery WordPress Theme, which could allow an unauthenticated attacker to inject malicious code into a website. Successful exploitation could lead to a complete site takeover, allowing the attacker to steal sensitive data, deface the website, or use the compromised server for further malicious activities. Organizations using this theme are at significant risk and should take immediate action.

The vulnerability is a Deserialization of Untrusted Data flaw. The theme improperly handles serialized data provided by a user, failing to validate it before processing. An attacker can exploit this by sending a specially crafted data string (a serialized PHP object) to a vulnerable endpoint exposed by the theme. When the application deserializes this malicious string, it creates a harmful object in memory, leading to an Object Injection attack that can result in arbitrary code execution on the server.

This vulnerability is rated as High severity with a CVSS score of 8.8. A successful exploit could have a severe business impact, including a full compromise of the affected website and underlying server. Potential consequences include the theft of sensitive customer data, user credentials, and payment information, leading to significant financial and reputational damage. Furthermore, a compromised website could be used to host malware, launch phishing campaigns against customers, or serve as a pivot point for attacks against the internal network, incurring substantial incident response and recovery costs.

Immediate Action: Immediately update the "Visual Art | Gallery WordPress Theme" to the latest version provided by the vendor, which contains a patch for this vulnerability. If the theme is not actively used or no longer needed, it should be completely deactivated and removed from the WordPress installation to eliminate the risk.

Proactive Monitoring: Monitor web server access logs for unusual POST requests, particularly those containing long, encoded strings that may indicate a serialized payload. Implement file integrity monitoring to detect unauthorized changes to theme files or the creation of new PHP files in web-accessible directories. Scrutinize PHP error logs for warnings related to deserialization functions like unserialize().

Compensating Controls: If patching cannot be performed immediately, implement a Web Application Firewall (WAF) with rules specifically designed to detect and block PHP object injection and deserialization attack patterns. Restrict access to theme-specific endpoints if possible and ensure the web server process runs with the least privileges necessary to limit the impact of a potential compromise.

Public Exploit Available: false

Given the high CVSS score of 8.8 and the potential for complete system compromise, this vulnerability poses a critical risk to the organization. Although this CVE is not currently listed on the CISA KEV list, organizations should not wait for evidence of active exploitation to act. We strongly recommend that all instances of the "Visual Art | Gallery WordPress Theme" be identified and patched immediately. Following the update, a security review should be conducted to look for any signs of prior compromise.