Improper Authentication, Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in xtemos WoodMart allows Cross-Site Scripting (XSS).This issue affects WoodMart: from n/a up to and including 7.0.4.
The WoodMart premium theme for WordPress is vulnerable to unauthenticated arbitrary shortcodes injection in versions 710 and below This makes it possible for unauthenticated attackers to execute arbitrary shortcodes ...