WordPress WoodMart theme <= 8.3.8 - PHP Object Injection vulnerability

Description

A vulnerability identified as critical has been detected in xtemos WoodMart Plugin up to 8.3.8 on WordPress. This impacts an unknown function. The manipulation leads to deserialization.

Affected Products

Vendor	Product	Versions
xtemos	WoodMart	n/a

References

https://patchstack.com/database/Wordpress/Theme/woodmart/vulnerability/wordpress-woodmart-theme-8-3-8-php-object-injection-vulnerability?_s_id=cve(vdb-entry)

Related News (1 articles)

Tier C

VulDB2h ago

CVE-2026-23971 | xtemos WoodMart Plugin up to 8.3.8 on WordPress deserialization

→ No new info (linked only)

CISA KEV❌ No

Actively exploited✅ Yes

CWECWE-502

Published3/25/2026

Last enriched1h agov2

Trending Score41

Source articles2

Independent1

Info Completeness7/14

Missing: cvss, epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Version History

Last enriched 1h ago

v2Tier C1h ago

Updated severity to CRITICAL, added new description, and marked the vulnerability as actively exploited.

descriptionseverityactivelyExploited

via VulDB

v11h ago

Initial creation