8theme

Xstore Core

12 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1

CVE-2026-25306

  • EPSS 0.18%
  • Veröffentlicht 25.03.2026 16:14:39
  • Zuletzt bearbeitet 24.04.2026 16:32:53

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 8theme XStore Core et-core-plugin allows Reflected XSS.This issue affects XStore Core: from n/a through <= 5.6.4.

6.5

CVE-2026-25307

  • EPSS 0.16%
  • Veröffentlicht 19.02.2026 08:26:53
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 8theme XStore Core et-core-plugin allows DOM-Based XSS.This issue affects XStore Core: from n/a through < 5.7.

6.5

CVE-2025-64190

  • EPSS 0.13%
  • Veröffentlicht 30.12.2025 16:00:52
  • Zuletzt bearbeitet 23.04.2026 15:35:03

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 8theme XStore Core et-core-plugin allows DOM-Based XSS.This issue affects XStore Core: from n/a through < 5.6.

7.1

CVE-2025-64189

  • EPSS 0.18%
  • Veröffentlicht 18.12.2025 07:22:10
  • Zuletzt bearbeitet 27.04.2026 16:16:34

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 8theme XStore Core et-core-plugin allows Reflected XSS.This issue affects XStore Core: from n/a through < 5.6.

8.8

CVE-2024-33555

  • EPSS 0.42%
  • Veröffentlicht 09.06.2024 12:15:12
  • Zuletzt bearbeitet 21.11.2024 09:17:08

Missing Authorization vulnerability in 8theme XStore Core.This issue affects XStore Core: from n/a through 5.3.8.

8.8

CVE-2024-33557

  • EPSS 0.56%
  • Veröffentlicht 04.06.2024 13:15:51
  • Zuletzt bearbeitet 26.02.2025 20:23:31

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in 8theme XStore Core allows PHP Local File Inclusion.This issue affects XStore Core: from n/a through 5.3.8.

9.8

CVE-2024-33552

  • EPSS 0.57%
  • Veröffentlicht 17.05.2024 09:15:41
  • Zuletzt bearbeitet 10.04.2025 20:26:27

Improper Privilege Management vulnerability in 8theme XStore Core allows Privilege Escalation.This issue affects XStore Core: from n/a through 5.3.8.

9.8

CVE-2024-33556

  • EPSS 0.58%
  • Veröffentlicht 17.05.2024 07:16:01
  • Zuletzt bearbeitet 19.02.2025 15:38:39

Unrestricted Upload of File with Dangerous Type vulnerability in 8theme XStore Core.This issue affects XStore Core: from n/a through 5.3.8.

6.5

CVE-2024-33558

  • EPSS 0.44%
  • Veröffentlicht 29.04.2024 09:15:07
  • Zuletzt bearbeitet 28.04.2026 19:25:06

Missing Authorization vulnerability in 8theme XStore Core.This issue affects XStore Core: from n/a through 5.3.5.

9.8

CVE-2024-33553

  • EPSS 0.58%
  • Veröffentlicht 29.04.2024 08:15:06
  • Zuletzt bearbeitet 28.04.2026 19:25:06

Deserialization of Untrusted Data vulnerability in 8theme XStore Core.This issue affects XStore Core: from n/a through 5.3.5.