Xtemos

Woodmart

11 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2025-8097

  • EPSS 0.14%
  • Veröffentlicht 26.07.2025 06:43:22
  • Zuletzt bearbeitet 29.07.2025 14:14:55

The WoodMart theme for WordPress is vulnerable to Improper Input Validation in all versions up to, and including, 8.2.6. This is due to insufficient validation of the qty parameter in the woodmart_update_cart_item function. This makes it possible for...

5.3

CVE-2025-6745

  • EPSS 0.06%
  • Veröffentlicht 11.07.2025 07:22:59
  • Zuletzt bearbeitet 15.07.2025 13:14:49

The WoodMart plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 8.2.5 via the woodmart_get_posts_by_query() function due to insufficient restrictions on which posts can be included. This makes it possible...

7.3

CVE-2025-6744

  • EPSS 0.29%
  • Veröffentlicht 08.07.2025 09:22:30
  • Zuletzt bearbeitet 09.07.2025 13:47:24

The The Woodmart theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.2.3. This is due to the software allowing users to execute an action that does not properly validate a value before running do...

5.4

CVE-2025-6743

  • EPSS 0.04%
  • Veröffentlicht 08.07.2025 06:41:58
  • Zuletzt bearbeitet 09.07.2025 13:50:02

The Woodmart theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'multiple_markers' attribute in all versions up to, and including, 8.2.3 due to insufficient input sanitization and output escaping on user supplied attrib...

8.8

CVE-2025-6746

  • EPSS 0.16%
  • Veröffentlicht 08.07.2025 06:41:58
  • Zuletzt bearbeitet 09.07.2025 13:49:30

The WoodMart plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 8.2.3 via the 'layout' attribute. This makes it possible for authenticated attackers, with Contributor-level access and above, to include an...

5.4

CVE-2023-32240

  • EPSS 0.09%
  • Veröffentlicht 02.01.2025 15:15:18
  • Zuletzt bearbeitet 02.01.2025 15:15:18

Missing Authorization vulnerability in Xtemos WoodMart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WoodMart: from n/a through 7.2.1.

6.5

CVE-2024-12333

  • EPSS 1.08%
  • Veröffentlicht 12.12.2024 09:15:05
  • Zuletzt bearbeitet 12.12.2024 09:15:05

The Woodmart theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.0.3. This is due to the software allowing users to execute an action that does not properly validate a value before running do_sho...

5.3

CVE-2023-25790

  • EPSS 0.14%
  • Veröffentlicht 24.04.2024 16:15:07
  • Zuletzt bearbeitet 21.11.2024 07:50:12

Improper Authentication, Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in xtemos WoodMart allows Cross-Site Scripting (XSS).This issue affects WoodMart: from n/a through 7.0.4.

9.8

CVE-2023-32242

  • EPSS 0.74%
  • Veröffentlicht 21.12.2023 13:15:08
  • Zuletzt bearbeitet 27.08.2025 04:15:55

Deserialization of Untrusted Data vulnerability in xtemos WoodMart - Multipurpose WooCommerce Theme.This issue affects WoodMart - Multipurpose WooCommerce Theme: from n/a through 1.0.36.

8.8

CVE-2023-32500

  • EPSS 0.1%
  • Veröffentlicht 09.11.2023 23:15:09
  • Zuletzt bearbeitet 21.11.2024 08:03:29

Cross-Site Request Forgery (CSRF) vulnerability in xtemos WoodMart - Multipurpose WooCommerce Theme <= 7.1.1 versions.