14 matches found
CVE-2026-22385
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in don-themes Wolmart wolmart allows PHP Local File Inclusion.This issue affects Wolmart: from n/a through = 1.9.6...
EUVD-2026-9528
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in don-themes Wolmart wolmart allows PHP Local File Inclusion.This issue affects Wolmart: from n/a through = 1.9.6...
CVE-2026-22385 WordPress Wolmart theme <= 1.9.6 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in don-themes Wolmart wolmart allows PHP Local File Inclusion.This issue affects Wolmart: from n/a through = 1.9.6...
CVE-2026-22385
CVE-2026-22385 is a Local File Inclusion (LFI) flaw in the WordPress Wolmart theme. Data from multiple sources confirms an Improper Control of Filename for Include/Require Statement in PHP, enabling LFI via Wolmart
WordPress Wolmart theme <= 1.9.6 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Wolmart versions = 1.9.6...
CVE-2024-13793
The Wolmart | Multi-Vendor Marketplace WooCommerce Theme theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.8.11. This is due to the software allowing users to execute an action that does not properly validate a value before running...
CVE-2024-13793
The Wolmart | Multi-Vendor Marketplace WooCommerce Theme theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.8.11. This is due to the software allowing users to execute an action that does not properly validate a value before running...
CVE-2024-13793
The Wolmart | Multi-Vendor Marketplace WooCommerce Theme theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.8.11. This is due to the software allowing users to execute an action that does not properly validate a value before running...
CVE-2024-13793 Wolmart | Multi-Vendor Marketplace WooCommerce Theme <= 1.8.11 - Unauthenticated Arbitrary Shortcode Execution in wolmart_loadmore
The Wolmart | Multi-Vendor Marketplace WooCommerce Theme theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.8.11. This is due to the software allowing users to execute an action that does not properly validate a value before running...
CVE-2024-13793
CVE-2024-13793 affects Wolmart – Multi-Vendor Marketplace WooCommerce Theme for WordPress (versions
CVE-2024-13793 Wolmart | Multi-Vendor Marketplace WooCommerce Theme <= 1.8.11 - Unauthenticated Arbitrary Shortcode Execution in wolmart_loadmore
The Wolmart | Multi-Vendor Marketplace WooCommerce Theme theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.8.11. This is due to the software allowing users to execute an action that does not properly validate a value before running...
PT-2025-20324 · WordPress · The Wolmart | Multi-Vendor Marketplace Woocommerce Theme
Name of the Vulnerable Software and Affected Versions: Wolmart | Multi-Vendor Marketplace WooCommerce Theme versions 1.8.11 and earlier Description: The issue is related to arbitrary shortcode execution due to the software allowing users to execute an action that does not properly validate a valu...
WordPress Wolmart theme <= 1.8.11 - Unauthenticated Arbitrary Shortcode Execution
Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by Lucio Sá in WordPress Theme Wolmart versions = 1.8.11...
WordPress Wolmart Theme <= 1.8.11 is vulnerable to Content Injection
Software Wolmart Type Theme Vulnerable versions = 1.8.11 Fixed in 1.8.12 OWASP Top 10 A3: Injection Classification Content Injection CVE CVE-2024-13793 Patch priority Medium CVSS severity Medium 7.3 Developer Claim ownership PSID 21e712d07197 Credits Lucio Sá Required privilege Unauthenticated...