Privilege Escalation Vulnerability in Woodmart Core
CVE-2023-32244

9.8CRITICAL

Key Information:

Vendor: WordPress
Status: Woodmart Core
Vendor: CVE Published:; 17 May 2024

Summary

A vulnerability exists in the Woodmart Core plugin developed by XTemos that allows unauthorized privilege escalation due to improper management of user privileges. This flaw can enable attackers to gain elevated permissions, which could lead to further exploitation of the application or exposure of sensitive data. The affected versions of Woodmart Core range from an unspecified version up to 1.0.36, and users are advised to secure their systems by applying patches and updates to mitigate this risk.

Affected Version(s)

Woodmart Core <= 1.0.36

References

https://patchstack.com/database/vulnerability/woodmart-co...

vdb-entry

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 17, 2024
Vulnerability Reserved
May 5, 2023

Credit

Dave Jong (Patchstack)