CVE-2025-6744: CWE-94 Improper Control of Generation of Code ('Code Injection') in xTemos Woodmart
The Woodmart theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.2.3. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode through the woodmart_get_products_shortcode() function. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.
AI Analysis
Technical Summary
CVE-2025-6744 is a high-severity vulnerability affecting the Woodmart WordPress theme developed by xTemos, in all versions up to and including 8.2.3. The vulnerability is classified under CWE-94, which pertains to improper control of code generation, commonly known as code injection. The root cause lies in the woodmart_get_products_shortcode() function, which does not properly validate user-supplied input before passing it to the WordPress do_shortcode function. This flaw allows unauthenticated attackers to execute arbitrary shortcodes on the affected WordPress sites. Since WordPress shortcodes invoke PHP handler functions registered by core, plugins, and themes, this vulnerability can lead to unauthorized code execution, potentially compromising the confidentiality, integrity, and availability of the affected systems. The CVSS 3.1 base score is 7.3, indicating a high severity, with an attack vector of network (AV:N), no privileges required (PR:N), no user interaction needed (UI:N), and a low impact on each of confidentiality, integrity, and availability (C:L/I:L/A:L). Although no known exploits are currently reported in the wild, the ease of exploitation due to the lack of authentication and user interaction requirements makes this vulnerability a significant risk for WordPress sites using the Woodmart theme. The absence of official patches at the time of reporting further elevates the urgency for mitigation.
Potential Impact
For European organizations, this vulnerability poses a substantial risk, especially for businesses relying on WordPress websites with the Woodmart theme for e-commerce, marketing, or content delivery. Exploitation could lead to unauthorized code execution, enabling attackers to inject malicious payloads, deface websites, steal sensitive customer data, or pivot to internal networks. This can result in reputational damage, regulatory non-compliance (e.g., GDPR violations due to data breaches), financial losses, and operational disruptions. Given the widespread use of WordPress in Europe and the popularity of commercial themes like Woodmart, organizations in sectors such as retail, hospitality, and media are particularly vulnerable. The ability to exploit this flaw without authentication or user interaction increases the likelihood of automated attacks and widespread exploitation attempts, potentially affecting a large number of European websites and their users.
Mitigation Recommendations
1. Immediate mitigation should include disabling or restricting the use of shortcodes in the Woodmart theme until an official patch is released. This can be done by overriding or filtering the woodmart_get_products_shortcode() function to sanitize inputs rigorously or by disabling shortcode processing in vulnerable contexts.
2. Implement Web Application Firewall (WAF) rules specifically targeting suspicious shortcode patterns or attempts to exploit this vulnerability.
3. Monitor web server and application logs for unusual shortcode execution attempts or unexpected requests targeting the vulnerable function.
4. Limit exposure by restricting access to the WordPress admin and theme files via IP whitelisting or VPN access where feasible.
5. Keep WordPress core, plugins, and themes updated and subscribe to vendor security advisories for timely patch releases.
6. Conduct security audits and penetration testing focused on shortcode and code injection vectors to identify and remediate similar issues proactively.
7. Educate site administrators about the risks of installing untrusted plugins or themes and encourage the use of security plugins that can detect and block malicious shortcode usage.
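The first recommendation asks for rigorous input validation in front of do_shortcode(). The following PHP is an added illustration of that pattern and is not Woodmart's code; it does not reproduce woodmart_get_products_shortcode(), whose internals the advisory does not show. The function names (example_*), the $request array, the fixed "products" tag and the attribute schema (per_page, orderby, category) are assumptions chosen for illustration. The point it makes is that the request must never choose which shortcode tag runs, and that each attribute is validated against a schema before the shortcode string is assembled server-side.

```php
<?php
// Added example, not Woodmart's code. Models the bug class in the advisory:
// a request-controlled value reaching do_shortcode() without validation.
// All names below (example_*, $request, the attribute schema) are assumptions.

/** Vulnerable pattern: the shortcode text itself comes from the request. */
function example_vulnerable_render(array $request): string
{
    $shortcode = (string) ($request['shortcode'] ?? '');
    // Whatever tag the caller names is handed to the shortcode engine.
    return function_exists('do_shortcode') ? do_shortcode($shortcode) : $shortcode;
}

/**
 * Hardened pattern: the tag name is a server-side constant and every attribute
 * is checked against a schema. Returns null when the request is rejected so the
 * caller can log the event and bail out instead of rendering anything.
 */
function example_hardened_build_shortcode(array $request): ?string
{
    // attribute name => validator returning the cleaned value, or null on failure
    $schema = [
        'per_page' => fn($v) => (is_numeric($v) && (int) $v >= 1 && (int) $v <= 100)
            ? (string) (int) $v : null,
        'orderby'  => fn($v) => in_array($v, ['date', 'price', 'title'], true) ? $v : null,
        'category' => fn($v) => preg_match('/^[a-z0-9-]{1,50}$/', (string) $v) === 1
            ? (string) $v : null,
    ];

    $attrs = [];
    foreach ($request as $key => $value) {
        if (!is_string($key) || !isset($schema[$key])) {
            return null; // unknown attribute: reject, do not silently drop it
        }
        $clean = $schema[$key]($value);
        if ($clean === null) {
            return null; // value failed validation (e.g. contains ']' or '[')
        }
        $attrs[] = $key . '="' . $clean . '"';
    }
    // The tag is fixed here; the request never selects which shortcode executes.
    return '[products' . ($attrs ? ' ' . implode(' ', $attrs) : '') . ']';
}

function example_hardened_render(array $request): string
{
    $shortcode = example_hardened_build_shortcode($request);
    if ($shortcode === null) {
        // Rejections are worth logging: they are the signal for recommendation 3.
        error_log('shortcode request rejected: ' . json_encode($request));
        return '';
    }
    return function_exists('do_shortcode') ? do_shortcode($shortcode) : $shortcode;
}

// Stand-alone demonstration with constructed inputs (run with `php this_file.php`
// outside WordPress; inside WordPress do_shortcode() is called instead).
if (PHP_SAPI === 'cli' && !function_exists('do_shortcode')) {
    var_dump(example_hardened_build_shortcode(['per_page' => '12', 'orderby' => 'price']));
    var_dump(example_hardened_build_shortcode(['per_page' => '12', 'tag' => 'x']));
    var_dump(example_hardened_build_shortcode(['category' => 'shoes]" [other_tag']));
}
```

Rejecting unknown or malformed attributes outright, rather than stripping them, keeps probing attempts visible in the application log, which is what the log-monitoring recommendation relies on. In a real WordPress integration the assembled string would be passed to do_shortcode() and the attribute values would additionally be escaped with esc_attr() before being placed inside the quotes.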
Affected Countries
Germany, United Kingdom, France, Netherlands, Italy, Spain, Poland, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: Wordfence
- Date Reserved: 2025-06-26T18:09:26.679Z
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 686ce78b6f40f0eb72f2e6c6
Added to database: 7/8/2025, 9:40:27 AM
Last enriched: 7/8/2025, 9:54:32 AM
Last updated: 8/20/2025, 9:49:10 AM
Views: 36
Related Threats
CVE-2025-9237: Cross Site Scripting in CodeAstro Ecommerce Website (Medium)
CVE-2025-9236: SQL Injection in Portabilis i-Diario (Medium)
CVE-2025-54551: External control of assumed-Immutable web parameter in FUJIFILM Healthcare Americas Corporation Synapse Mobility (Medium)
CVE-2025-9235: Cross Site Scripting in Scada-LTS (Medium)
CVE-2025-9234: Cross Site Scripting in Scada-LTS (Medium)