Deserialization of Untrusted Data vulnerability in xtemos WoodMart - Multipurpose WooCommerce Theme.This issue affects WoodMart - Multipurpose WooCommerce Theme: from n/a through 1.0.36.
Vulnerabilidad de deserialización de datos no confiables en xtemos WoodMart - Multipurpose WooCommerce Theme. Este problema afecta a WoodMart - Multipurpose WooCommerce Theme: desde n/a hasta 1.0.36.
The Woodmart Core plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.0.36 via deserialization of untrusted input. This allows unauthenticated attackers to inject a PHP Object. If a POP chain is present in the vulnerable plugin, an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.
