🎁Wordfence just launched its bug bounty program. From today through December 20th 2023, all researchers will earn 6.25x our normal bounty rates when Wordfence handles responsible disclosure for our Holiday Bug Extravaganza! Register as a researcher and submit your vulnerabilities today!🎁

Woodmart

Wordfence Intelligence > Vulnerability Database > WordPress Themes > Woodmart

Information

Software Type	Theme
Software Slug	woodmart
Software Status	Active
Software Author	xTemos
Software Website	themeforest.net
Software Downloads	54,859
Software Record Last Updated	February 22, 2023

6 Vulnerabilities

WoodMart <= 7.2.4 - Reflected Cross-Site Scripting

6.1

CVE-2023-41872

Sep 5, 2023

Researcher: Rafie Muhammad

WoodMart <= 7.2.1 - Missing Authorization

4.3

CVE-2023-32240

May 11, 2023

Researcher: Dave Jong

WoodMart <= 7.2.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting

6.4

CVE-2023-32239

May 11, 2023

Researcher: Dave Jong

Woodmart <= 7.1.1 - Cross-Site Request Forgery to License Update

6.5

CVE-2023-32500

Mar 1, 2023

Researcher: Vladislav Pokrovsky (ΞX.MI)

WoodMart <= 7.1.1 - Missing Authorization to Shortcode Injection

6.5

CVE-2023-25790

Mar 1, 2023

Researcher: Vladislav Pokrovsky (ΞX.MI)

Woodmart <= 7.0.4 - Unauthenticated Arbitrary Content Injection

5.3

CVE-2023-25790

Feb 16, 2023

Researcher: Vladislav Pokrovsky (ΞX.MI)

Title	CVE ID	CVSS	Researchers	Date
WoodMart <= 7.2.4 - Reflected Cross-Site Scripting	CVE-2023-41872	6.1	Rafie Muhammad	September 5, 2023
WoodMart <= 7.2.1 - Missing Authorization	CVE-2023-32240	4.3	Dave Jong	May 11, 2023
WoodMart <= 7.2.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting	CVE-2023-32239	6.4	Dave Jong	May 11, 2023
Woodmart <= 7.1.1 - Cross-Site Request Forgery to License Update	CVE-2023-32500	6.5	Vladislav Pokrovsky (ΞX.MI)	March 1, 2023
WoodMart <= 7.1.1 - Missing Authorization to Shortcode Injection	CVE-2023-25790	6.5	Vladislav Pokrovsky (ΞX.MI)	March 1, 2023
Woodmart <= 7.0.4 - Unauthenticated Arbitrary Content Injection	CVE-2023-25790	5.3	Vladislav Pokrovsky (ΞX.MI)	February 16, 2023

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation