CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

25 matches found

RedhatCVE•added 2026/03/26 5:3 p.m.•2 views

CVE-2026-23971

Deserialization of Untrusted Data vulnerability in xtemos WoodMart woodmart allows Object Injection.This issue affects WoodMart: from n/a through = 8.3.8...

8.1CVSS5.8AI score0.00061EPSS

Exploits0References1

EUVD•added 2026/03/25 6:31 p.m.•3 views

EUVD-2026-15544

Deserialization of Untrusted Data vulnerability in xtemos WoodMart woodmart allows Object Injection.This issue affects WoodMart: from n/a through = 8.3.8...

5.8AI score0.00061EPSS

Exploits0References2

NVD•added 2026/03/25 5:16 p.m.•3 views

CVE-2026-23971

Deserialization of Untrusted Data vulnerability in xtemos WoodMart woodmart allows Object Injection.This issue affects WoodMart: from n/a through = 8.3.8...

8.1CVSS0.00061EPSS

Exploits0References1

NVD•added 2025/10/22 3:15 p.m.•1 views

CVE-2025-49936

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in xtemos WoodMart woodmart allows DOM-Based XSS.This issue affects WoodMart: from n/a through 8.3.2...

6.5CVSS0.0003EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2025-20411

Malicious code in bioql PyPI...

8.8CVSS6.4AI score0.00404EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-36497

Malicious code in bioql PyPI...

5.4CVSS9.1AI score0.00318EPSS

Exploits0References1

Cvelist•added 2025/07/08 6:41 a.m.•7 views

CVE-2025-6746 WoodMart <= 8.2.3 - Authenticated (Contributor+) Local File Inclusion

The WoodMart plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 8.2.3 via the 'layout' attribute. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary .php files on the server,...

8.8CVSS0.00404EPSS

Exploits0References2

Positive Technologies•added 2025/01/02 12:0 a.m.•2 views

PT-2025-1388 · Xtemos · Xtemos Woodmart

Name of the Vulnerable Software and Affected Versions: Xtemos WoodMart versions prior to 7.2.1 Description: The issue is related to a missing authorization vulnerability in Xtemos WoodMart, which allows exploiting incorrectly configured access control security levels. Recommendations: For version...

5.4CVSS9.4AI score0.00318EPSS

Exploits0References5

NVD•added 2024/04/24 4:15 p.m.•16 views

CVE-2023-25790

Improper Authentication, Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in xtemos WoodMart allows Cross-Site Scripting XSS.This issue affects WoodMart: from n/a through 7.0.4...

5.3CVSS5.1AI score0.00122EPSS

Exploits3References1

Cvelist•added 2024/04/24 3:44 p.m.•21 views

CVE-2023-25790 WordPress WoodMart theme <= 7.0.4 - Unauth Arbitrary Shortcodes Injection

5.3CVSS5.5AI score0.00122EPSS

Exploits3References1

Vulnrichment•added 2024/04/24 3:44 p.m.•37 views

CVE-2023-25790 WordPress WoodMart theme <= 7.0.4 - Unauth Arbitrary Shortcodes Injection

5.3CVSS6.3AI score0.00122EPSS

Exploits3References1

Cvelist•added 2023/12/21 1:3 p.m.•16 views

CVE-2023-32242 WordPress Woodmart Core Plugin <= 1.0.36 is vulnerable to PHP Object Injection

Deserialization of Untrusted Data vulnerability in xtemos WoodMart - Multipurpose WooCommerce Theme.This issue affects WoodMart - Multipurpose WooCommerce Theme: from n/a through 1.0.36...

9.8CVSS9.7AI score0.00735EPSS

Exploits0References1

CVE•added 2023/12/21 1:3 p.m.•48 views

CVE-2023-32242

CVE-2023-32242 describes a deserialization-based PHP Object Injection in Woodmart Core (WordPress plugin)

9.8CVSS9.5AI score0.00735EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2023/11/09 10:22 p.m.•14 views

CVE-2023-32500 WordPress WoodMart theme <= 7.1.1 - Cross Site Request Forgery (CSRF) vulnerability

A vulnerability in xtemos WoodMart woodmart.This issue affects WoodMart: from n/a through = 7.1.1...

5.4CVSS8AI score0.00051EPSS

Exploits0References1

WPVulnDB•added 2023/09/26 12:0 a.m.•33 views

WoodMart < 7.2.5 - Reflected XSS

Description The plugin does not sanitise and escape some parameters before outputting them back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.7AI score0.00083EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2023/09/25 1:5 a.m.•12 views

CVE-2023-41872 WordPress WoodMart Theme <= 7.2.4 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Xtemos WoodMart plugin = 7.2.4 versions...

7.1CVSS5.8AI score0.00083EPSS

Exploits0References1

NVD•added 2023/06/22 1:15 p.m.•12 views

CVE-2023-32239

Auth. subscriber+ Stored Cross-Site Scripting XSS vulnerability in xtemos WoodMart theme = 7.2.1 versions...

5.4CVSS5.2AI score0.0016EPSS

Exploits0References1

Cvelist•added 2023/06/22 12:11 p.m.•20 views

CVE-2023-32239 WordPress WoodMart Theme <= 7.2.1 is vulnerable to Cross Site Scripting (XSS)

Auth. subscriber+ Stored Cross-Site Scripting XSS vulnerability in xtemos WoodMart theme = 7.2.1 versions...

5.4CVSS5.4AI score0.0016EPSS

Exploits0References1

WPVulnDB•added 2023/05/11 12:0 a.m.•23 views

WoodMart < 7.2.2 - Subscriber+ Stored XSS

The plugin does not sanitise and escape some parameters, which could allow users with a role as low as subscriber to perform Stored Cross-Site Scripting attacks...

5.4CVSS5.9AI score0.0016EPSS

Exploits0Affected Software1

VulnCheck KEV•added 2023/05/11 12:0 a.m.•1 views

VulnCheck KEV: CVE-2023-32242

Deserialization of Untrusted Data vulnerability in xtemos WoodMart - Multipurpose WooCommerce Theme.This issue affects WoodMart - Multipurpose WooCommerce Theme: from n/a through 1.0.36...

9.8CVSS7.3AI score0.00735EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by