Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-33552 | 1 8theme | 1 Xstore Core | 2025-04-10 | N/A | 9.8 CRITICAL |
| Improper Privilege Management vulnerability in 8theme XStore Core allows Privilege Escalation.This issue affects XStore Core: from n/a through 5.3.8. | |||||
| CVE-2024-33557 | 1 8theme | 1 Xstore Core | 2025-02-26 | N/A | 8.5 HIGH |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in 8theme XStore Core allows PHP Local File Inclusion.This issue affects XStore Core: from n/a through 5.3.8. | |||||
| CVE-2024-33551 | 1 8theme | 1 Xstore Core | 2025-02-21 | N/A | 9.3 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in 8theme XStore Core allows SQL Injection.This issue affects XStore Core: from n/a through 5.3.5. | |||||
| CVE-2024-33554 | 1 8theme | 1 Xstore Core | 2025-02-21 | N/A | 7.1 HIGH |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 8theme XStore Core allows Reflected XSS.This issue affects XStore Core: from n/a through 5.3.5. | |||||
| CVE-2024-33553 | 1 8theme | 1 Xstore Core | 2025-02-21 | N/A | 9.0 CRITICAL |
| Deserialization of Untrusted Data vulnerability in 8theme XStore Core.This issue affects XStore Core: from n/a through 5.3.5. | |||||
| CVE-2024-33558 | 1 8theme | 1 Xstore Core | 2025-02-21 | N/A | 6.5 MEDIUM |
| Missing Authorization vulnerability in 8theme XStore Core.This issue affects XStore Core: from n/a through 5.3.5. | |||||
| CVE-2024-33555 | 1 8theme | 1 Xstore Core | 2024-11-21 | N/A | 8.1 HIGH |
| Missing Authorization vulnerability in 8theme XStore Core.This issue affects XStore Core: from n/a through 5.3.8. | |||||