Cross Site Scripting Vulnerability in WoodMart Theme by TagDiv
CVE-2026-56072

7.1HIGH

Key Information:

Vendor

WordPress

Status
Vendor
CVE Published:
26 June 2026

What is CVE-2026-56072?

The WoodMart theme, developed by TagDiv, has a vulnerability that allows unauthenticated users to exploit Cross Site Scripting (XSS) issues in versions up to 8.5.3. This weakness could potentially allow attackers to inject malicious scripts into web pages viewed by other users, compromising the site's integrity and endangering sensitive data. Site administrators should take immediate steps to mitigate the risk by upgrading to the latest version or applying relevant security patches.

Affected Version(s)

WoodMart <= 8.5.3

References

CVSS V3.1

Score:
7.1
Severity:
HIGH
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

daroo | Patchstack Bug Bounty Program
.