Xtemos

Woodmart

11 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2025-8097

  • EPSS 0.14%
  • Published 26.07.2025 06:43:22
  • Last modified 29.07.2025 14:14:55

The WoodMart theme for WordPress is vulnerable to Improper Input Validation in all versions up to, and including, 8.2.6. This is due to insufficient validation of the qty parameter in the woodmart_update_cart_item function. This makes it possible for...

5.3

CVE-2025-6745

  • EPSS 0.06%
  • Published 11.07.2025 07:22:59
  • Last modified 15.07.2025 13:14:49

The WoodMart plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 8.2.5 via the woodmart_get_posts_by_query() function due to insufficient restrictions on which posts can be included. This makes it possible...

7.3

CVE-2025-6744

  • EPSS 0.29%
  • Published 08.07.2025 09:22:30
  • Last modified 09.07.2025 13:47:24

The The Woodmart theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.2.3. This is due to the software allowing users to execute an action that does not properly validate a value before running do...

5.4

CVE-2025-6743

  • EPSS 0.04%
  • Published 08.07.2025 06:41:58
  • Last modified 09.07.2025 13:50:02

The Woodmart theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'multiple_markers' attribute in all versions up to, and including, 8.2.3 due to insufficient input sanitization and output escaping on user supplied attrib...

8.8

CVE-2025-6746

  • EPSS 0.16%
  • Published 08.07.2025 06:41:58
  • Last modified 09.07.2025 13:49:30

The WoodMart plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 8.2.3 via the 'layout' attribute. This makes it possible for authenticated attackers, with Contributor-level access and above, to include an...

5.4

CVE-2023-32240

  • EPSS 0.09%
  • Published 02.01.2025 15:15:18
  • Last modified 02.01.2025 15:15:18

Missing Authorization vulnerability in Xtemos WoodMart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WoodMart: from n/a through 7.2.1.

6.5

CVE-2024-12333

  • EPSS 0.68%
  • Published 12.12.2024 09:15:05
  • Last modified 12.12.2024 09:15:05

The Woodmart theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.0.3. This is due to the software allowing users to execute an action that does not properly validate a value before running do_sho...

5.3

CVE-2023-25790

  • EPSS 0.14%
  • Published 24.04.2024 16:15:07
  • Last modified 21.11.2024 07:50:12

Improper Authentication, Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in xtemos WoodMart allows Cross-Site Scripting (XSS).This issue affects WoodMart: from n/a through 7.0.4.

9.8

CVE-2023-32242

  • EPSS 0.74%
  • Published 21.12.2023 13:15:08
  • Last modified 27.08.2025 04:15:55

Deserialization of Untrusted Data vulnerability in xtemos WoodMart - Multipurpose WooCommerce Theme.This issue affects WoodMart - Multipurpose WooCommerce Theme: from n/a through 1.0.36.

8.8

CVE-2023-32500

  • EPSS 0.1%
  • Published 09.11.2023 23:15:09
  • Last modified 21.11.2024 08:03:29

Cross-Site Request Forgery (CSRF) vulnerability in xtemos WoodMart - Multipurpose WooCommerce Theme <= 7.1.1 versions.