Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

xtemos — Vulnerabilities & Security Advisories 19

Browse all 19 CVE security advisories affecting xtemos. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Xtemos is a web application framework primarily used for building content management systems and e-commerce platforms. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, accounting for its 19 recorded CVEs. The framework's security posture has been compromised through insecure deserialization and improper input validation, leading to several high-severity incidents. Notable characteristics include its extensive plugin ecosystem which often introduces additional attack surfaces, and past incidents where unauthenticated attackers could achieve complete system compromise through chained vulnerabilities.

Top products by xtemos: WoodMart WoodMart - Multipurpose WooCommerce Theme Woodmart Core Basel
CVE IDTitleCVSSSeverityPublished
CVE-2026-23971 WordPress WoodMart theme <= 8.3.8 - PHP Object Injection vulnerability — WoodMartCWE-502 8.1 High2026-03-25
CVE-2026-32405 WordPress WoodMart theme <= 8.3.9 - Sensitive Data Exposure vulnerability — WoodMartCWE-497 5.3 Medium2026-03-13
CVE-2025-47600 WordPress WoodMart theme <= 8.3.7 - Arbitrary Shortcode Execution vulnerability — WoodMartCWE-80 5.3 Medium2026-01-22
CVE-2025-67568 WordPress Basel theme <= 5.9.1 - Broken Access Control vulnerability — BaselCWE-862 5.3 Medium2025-12-09
CVE-2025-49935 WordPress WoodMart theme < 8.3.2 - Local File Inclusion vulnerability — WoodMartCWE-98 7.5 High2025-10-22
CVE-2025-49936 WordPress WoodMart theme < 8.3.2 - Cross Site Scripting (XSS) vulnerability — WoodMartCWE-79 6.5 Medium2025-10-22
CVE-2025-8097 WoodMart - Multipurpose WooCommerce Theme <= 8.2.6 - Improper Input Validation Leading to Unauthenticated Cart Manipulation — WoodmartCWE-20 5.3 Medium2025-07-26
CVE-2025-6745 WoodMart <= 8.2.5 - Unauthenticated Post Disclosure — WoodmartCWE-200 5.3 Medium2025-07-11
CVE-2025-6744 Woodmart <= 8.2.3 - Unauthenticated Arbitrary Shortcode Execution — WoodmartCWE-94 7.3 High2025-07-08
CVE-2025-6746 WoodMart <= 8.2.3 - Authenticated (Contributor+) Local File Inclusion — WoodmartCWE-98 8.8 High2025-07-08
CVE-2025-6743 WoodMart <= 8.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting — WoodmartCWE-79 6.4 Medium2025-07-08
CVE-2023-32240 WordPress Woodmart theme <= 7.2.1 - Broken Access Control vulnerability — WoodMartCWE-862 5.4 Medium2025-01-02
CVE-2024-12333 WoodMart <= 8.0.3 - Unauthenticated Arbitrary Shortcode Execution — WoodmartCWE-94 6.5 Medium2024-12-12
CVE-2023-32244 WordPress Woodmart Core plugin <= 1.0.36 - Privilege Escalation — Woodmart CoreCWE-269 9.8 Critical2024-05-17
CVE-2023-25790 WordPress WoodMart theme <= 7.0.4 - Unauth Arbitrary Shortcodes Injection — WoodMartCWE-287 5.3 Medium2024-04-24
CVE-2023-32242 WordPress Woodmart Core Plugin <= 1.0.36 is vulnerable to PHP Object Injection — WoodMart - Multipurpose WooCommerce ThemeCWE-502 9.8 Critical2023-12-21
CVE-2023-32500 WordPress WoodMart Theme <= 7.1.1 is vulnerable to Cross Site Request Forgery (CSRF) — WoodMart - Multipurpose WooCommerce ThemeCWE-352 5.4 Medium2023-11-09
CVE-2023-41872 WordPress WoodMart Theme <= 7.2.4 is vulnerable to Cross Site Scripting (XSS) — WoodMartCWE-79 7.1 High2023-09-25
CVE-2023-32239 WordPress WoodMart Theme <= 7.2.1 is vulnerable to Cross Site Scripting (XSS) — WoodMartCWE-79 5.4 Medium2023-06-22

This page lists every published CVE security advisory associated with xtemos. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.