8theme

11 CVEs • 2 products

Products (2)

Click to collapse

Toggle

CVEs (11)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-33564 18theme 1Xstore Nov 21, 2024 Jun 9, 2024 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Missing Authorization vulnerability in 8theme XStore.This issue affects XStore: from n/a through 9.3.8.
CVE-2024-33563 18theme 1Xstore Nov 21, 2024 Jun 9, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Missing Authorization vulnerability in 8theme XStore.This issue affects XStore: from n/a through 9.3.8.
CVE-2024-33561 18theme 1Xstore Nov 21, 2024 Jun 9, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Missing Authorization vulnerability in 8theme XStore.This issue affects XStore: from n/a through 9.3.8.
CVE-2024-33555 18theme 1Xstore Core Nov 21, 2024 Jun 9, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Missing Authorization vulnerability in 8theme XStore Core.This issue affects XStore Core: from n/a through 5.3.8.
CVE-2024-33557 18theme 1Xstore Core Feb 26, 2025 Jun 4, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in 8theme XStore Core allows PHP Local File Inclusion.This issue affects XStore Core: from n/a through 5.3.8.
CVE-2024-33552 18theme 1Xstore Core Apr 10, 2025 May 17, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Improper Privilege Management vulnerability in 8theme XStore Core allows Privilege Escalation.This issue affects XStore Core: from n/a through 5.3.8.
CVE-2024-33556 18theme 1Xstore Core Mar 3, 2025 May 17, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Unrestricted Upload of File with Dangerous Type vulnerability in 8theme XStore Core.This issue affects XStore Core: from n/a through 5.3.8.
CVE-2024-33558 18theme 1Xstore Core Apr 28, 2026 Apr 29, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Missing Authorization vulnerability in 8theme XStore Core.This issue affects XStore Core: from n/a through 5.3.5.
CVE-2024-33553 18theme 1Xstore Core Apr 28, 2026 Apr 29, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Deserialization of Untrusted Data vulnerability in 8theme XStore Core.This issue affects XStore Core: from n/a through 5.3.5.
CVE-2024-33554 18theme 1Xstore Core Apr 28, 2026 Apr 29, 2024 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 8theme XStore Core allows Reflected XSS.This issue affects XStore Core: from n/a through 5.3.5.
CVE-2024-33551 18theme 1Xstore Core Apr 28, 2026 Apr 29, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in 8theme XStore Core allows SQL Injection.This issue affects XStore Core: from n/a through 5.3.5.