Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

8theme — Vulnerabilities & Security Advisories 25

Browse all 25 CVE security advisories affecting 8theme. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by 8theme:XStoreXStore Core
CVE IDTitleCVSSSeverityPublished
CVE-2026-25306 WordPress XStore Core plugin <= 5.6.4 - Reflected Cross Site Scripting (XSS) vulnerability — XStore CoreCWE-79 7.1 High2026-03-25
CVE-2026-25307 WordPress XStore Core plugin < 5.7 - Cross Site Scripting (XSS) vulnerability — XStore CoreCWE-79 6.1AIMediumAI2026-02-19
CVE-2026-25305 WordPress XStore theme <= 9.6.4 - Cross Site Scripting (XSS) vulnerability — XStoreCWE-79 6.1AIMediumAI2026-02-19
CVE-2026-25006 WordPress XStore theme <= 9.6.4 - Arbitrary Shortcode Execution vulnerability — XStoreCWE-80 5.3 Medium2026-02-19
CVE-2025-64190 WordPress XStore Core plugin < 5.6 - Cross Site Scripting (XSS) vulnerability — XStore CoreCWE-79 6.5 Medium2025-12-30
CVE-2025-64192 WordPress XStore theme < 9.6 - Broken Access Control vulnerability — XStoreCWE-862 8.1AIHighAI2025-12-18
CVE-2025-64193 WordPress XStore theme < 9.6.1 - Local File Inclusion vulnerability — XStoreCWE-98 9.1AICriticalAI2025-12-18
CVE-2025-64189 WordPress XStore Core plugin < 5.6 - Cross Site Scripting (XSS) vulnerability — XStore CoreCWE-79 7.1 High2025-12-18
CVE-2025-64191 WordPress XStore theme < 9.6.1 - Cross Site Scripting (XSS) vulnerability — XStoreCWE-79 6.1AIMediumAI2025-12-18
CVE-2025-11746 XStore | Multipurpose WooCommerce Theme <= 9.5.4 - Authenticated (Subscriber+) Local File Inclusion — XStoreCWE-22 8.8 High2025-10-15
CVE-2025-60100 WordPress XStore theme < 9.6 - Content Injection vulnerability — XStoreCWE-80 5.3 Medium2025-09-26
CVE-2024-33555 WordPress XStore Core plugin <= 5.3.8 - Multiple Authenticated Broken Access Control vulnerability — XStore CoreCWE-862 8.1 High2024-06-09
CVE-2024-33561 WordPress XStore theme <= 9.3.8 - Unauthenticated Broken Access Control vulnerability — XStoreCWE-862 7.5 High2024-06-09
CVE-2024-33563 WordPress XStore theme <= 9.3.8 - Broken Access Control vulnerability — XStoreCWE-862 7.6 High2024-06-09
CVE-2024-33564 WordPress XStore theme <= 9.3.8 - Arbitrary Option Update vulnerability — XStoreCWE-862 8.8 High2024-06-09
CVE-2024-33560 WordPress XStore theme <= 9.3.8 - Unauthenticated Local File Inclusion vulnerability — XStoreCWE-22 9.0 Critical2024-06-04
CVE-2024-33557 WordPress XStore Core plugin <= 5.3.8 - Local File Inclusion vulnerability — XStore CoreCWE-22 8.5 High2024-06-04
CVE-2024-33552 WordPress XStore Core plugin <= 5.3.8 - Unauthenticated Account Takeover vulnerability — XStore CoreCWE-269 9.8 Critical2024-05-17
CVE-2024-33556 WordPress XStore Core plugin <= 5.3.8 - Limited Arbitrary File Upload vulnerability — XStore CoreCWE-434 8.2 High2024-05-17
CVE-2024-33558 WordPress XStore Core plugin <= 5.3.5 - Limited Arbitrary File Download vulnerability — XStore CoreCWE-862 6.5 Medium2024-04-29
CVE-2024-33553 WordPress XStore Core plugin <= 5.3.5 - Unauthenticated PHP Object Injection vulnerability — XStore CoreCWE-502 9.0 Critical2024-04-29
CVE-2024-33551 WordPress XStore Core plugin <= 5.3.5 - Unauthenticated SQL Injection vulnerability — XStore CoreCWE-89 9.3 Critical2024-04-29
CVE-2024-33559 WordPress XStore theme <= 9.3.5 - Unauthenticated SQL Injection vulnerability — XStoreCWE-89 9.3 Critical2024-04-29
CVE-2024-33554 WordPress XStore Core plugin <= 5.3.5 - Reflected Cross Site Scripting (XSS) vulnerability — XStore CoreCWE-79 7.1 High2024-04-29
CVE-2024-33562 WordPress XStore theme <= 9.3.5 - Reflected Cross Site Scripting (XSS) vulnerability — XStoreCWE-79 7.1 High2024-04-29

This page lists every published CVE security advisory associated with 8theme. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.