This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: Untrusted data deserialization in Woodmart Core. π₯ **Consequences**: PHP Object Injection. Attackers can execute arbitrary code, leading to total server compromise.
Q2Root Cause? (CWE/Flaw)
π‘οΈ **Root Cause**: CWE-502 (Deserialization of Untrusted Data). The plugin fails to validate data before passing it to PHP's `unserialize()`, allowing malicious object injection.
Q3Who is affected? (Versions/Components)
π’ **Affected**: Vendor: **xTemos**. Product: **WoodMart - Multipurpose WooCommerce Theme**. Version: **1.0.36 and earlier**. π¦ Includes WordPress plugin Woodmart Core.
Q4What can hackers do? (Privileges/Data)
π΅οΈ **Attacker Capabilities**: Full Control. CVSS Score is **High (9.8)**. Can read sensitive data (C:H), modify site content (I:H), and crash services (A:H). No authentication required.
π **Public Exploit**: **No PoC** listed in data. However, reference link to Patchstack exists. Wild exploitation is likely due to low barrier to entry (PR:N, UI:N).
Q7How to self-check? (Features/Scanning)
π **Self-Check**: Scan for **Woodmart Core** plugin version. Check if version is **β€ 1.0.36**. Look for deserialization functions in plugin code. Use vulnerability scanners targeting CWE-502.
π§ **No Patch Workaround**: Disable the plugin if not used. Restrict server access via WAF. Block outbound connections from the web server. **Upgrade immediately** if possible.
Q10Is it urgent? (Priority Suggestion)
β‘ **Urgency**: **CRITICAL**. CVSS 9.8 is near-maximum. Remote code execution risk is high. Prioritize patching to prevent immediate takeover of WooCommerce stores.