Lucene search
HistoryJun 09, 2024 - 12:15 p.m.
CVE-2024-33561
authorization
xstore
vulnerability
8theme
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
0.0004 Low
EPSS
Percentile
9.1%
Missing Authorization vulnerability in 8theme XStore.This issue affects XStore: from n/a through 9.3.8.
Affected configurations
Node
8themexstoreRange≤9.3.8
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "XStore",
"vendor": "8theme",
"versions": [
{
"changes": [
{
"at": "9.3.9",
"status": "unaffected"
}
],
"lessThanOrEqual": "9.3.8",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
cvelist
cvelist
wpvulndb
wpvulndb
XStore < 9.3.9 - Missing Authorization
2024-05-01 00:00:00
vulnrichment
vulnrichment
nvd
nvd
CVE-2024-33561
2024-06-09 12:15:12
wordfence
wordfence
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
0.0004 Low
EPSS
Percentile
9.1%
Related for CVE-2024-33561