Woodmart Security Vulnerabilities and Issues — Woodmart CVE List

Lucene search

XtemosWoodmart

5 matches found

CVE•added 2024/04/24 4:15 p.m.•136 views

CVE-2023-25790

Improper Authentication, Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in xtemos WoodMart allows Cross-Site Scripting (XSS).This issue affects WoodMart: from n/a through 7.0.4.

5.3CVSS6.2AI score0.00103EPSS

CVE•added 2023/06/22 1:15 p.m.•44 views

CVE-2023-32239

Auth. (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability in xtemos WoodMart theme

5.4CVSS5.2AI score0.00115EPSS

CVE•added 2025/01/02 3:15 p.m.•40 views

CVE-2023-32240

Missing Authorization vulnerability in Xtemos WoodMart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WoodMart: from n/a through 7.2.1.

5.4CVSS7AI score0.0007EPSS

CVE•added 2025/07/11 8:15 a.m.•8 views

CVE-2025-6745

The WoodMart plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 8.2.5 via the woodmart_get_posts_by_query() function due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated attackers to extract data fr...

5.3CVSS6.7AI score0.0005EPSS

CVE•added 2025/07/26 7:15 a.m.•5 views

CVE-2025-8097

The WoodMart theme for WordPress is vulnerable to Improper Input Validation in all versions up to, and including, 8.2.6. This is due to insufficient validation of the qty parameter in the woodmart_update_cart_item function. This makes it possible for unauthenticated attackers to manipulate cart qua...

5.3CVSS6.3AI score0.00085EPSS