Woodmart Core 2

To plugin page VDP

WordPress Woodmart Core Plugin <= 1.0.36 is vulnerable to PHP Object Injection

Patch immediately High priority

Known to be exploited Active attempts logged

9.8

Critical severity CVSS 3.1 score

Protect your sites with automated security

Enable Protection

Patchstack is the official security point of contact for WordPress Woodmart Core plugin.

Patchstack Professional users are protected since 09.12.2022

Enable Protection

Solution

Fixed

Update the WordPress Woodmart Core plugin to the latest available version (at least 1.0.37).

Dave Jong (Patchstack) discovered and reported this PHP Object Injection vulnerability in WordPress Woodmart Core Plugin. This could allow a malicious actor to execute code injection, SQL injection, path traversal, denial of service, and more if a proper POP chain is present. This vulnerability has been fixed in version 1.0.37.

Other vulnerabilities in this plugin

0 present

2 patched

View all