WordPress WoodMart theme <= 8.3.8 - PHP Object Injection vulnerability

Description

A vulnerability identified as critical has been detected in xtemos WoodMart Plugin up to 8.3.8 on WordPress. This impacts an unknown function. The manipulation leads to deserialization.

Affected Products

Vendor	Product	Versions
xtemos	WoodMart	n/a

References

https://patchstack.com/database/Wordpress/Theme/woodmart/vulnerability/wordpress-woodmart-theme-8-3-8-php-object-injection-vulnerability?_s_id=cve(vdb-entry)

Related News (1 articles)

Tier C

VulDB4h ago

CVE-2026-23971 | xtemos WoodMart Plugin up to 8.3.8 on WordPress deserialization

→ No new info (linked only)

CISA KEV❌ No

Actively exploited✅ Yes

CWECWE-502

Published3/25/2026

Last enriched3h agov2

Trending Score40

Source articles1

Independent1

Info Completeness7/14

Missing: cvss, epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Version History

Last enriched 3h ago

v2Tier C3h ago

Updated severity to CRITICAL, added new description, and marked the vulnerability as actively exploited.

descriptionseverityactivelyExploited

via VulDB

v13h ago

Initial creation