📦 Woodmart

CVE-2023-32242 is a PHP object injection vulnerability in the WoodMart WordPress theme that allows attackers to execute arbitrary code through deserialization of untrusted data. This affects all WordP...

The Woodmart WordPress theme allows unauthenticated attackers to execute arbitrary shortcodes due to insufficient input validation in the woodmart_get_products_shortcode() function. This affects all W...

The WoodMart WordPress theme plugin contains a Local File Inclusion vulnerability in the 'layout' attribute that allows authenticated attackers with Contributor-level access or higher to include and e...

Unauthenticated reflected cross-site scripting (XSS) vulnerability in the Xtemos WoodMart WordPress theme allows attackers to inject malicious scripts via crafted URLs. When users click malicious link...

The Woodmart WordPress theme has a stored XSS vulnerability in versions up to 8.2.3 that allows authenticated attackers with contributor-level access or higher to inject malicious scripts into web pag...