Lucene search
K

397 matches found

CNNVD
CNNVD
added 2025/12/18 12:0 a.m.2 views

WordPress plugin XStore 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

7.5CVSS6.6AI score0.00381EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.2 views

WordPress plugin XStore 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

7.1CVSS6AI score0.0018EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.4 views

PT-2025-52158

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in 8theme XStore xstore allows PHP Local File Inclusion.This issue affects XStore: from n/a through 9.6.1...

7.1AI score0.00381EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.3 views

WordPress plugin 8theme XStore Core 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

7.1CVSS6AI score0.0018EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.4 views

WordPress plugin XStore 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

6.3CVSS6.5AI score0.00189EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.4 views

PT-2025-52157

Missing Authorization vulnerability in 8theme XStore xstore allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects XStore: from n/a through 9.6...

7AI score0.00189EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/10/17 4:25 p.m.6 views

WordPress XStore Core plugin < 5.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin XStore Core versions 5.6...

7.1CVSS6.1AI score0.0018EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/10/16 2:44 a.m.14 views

CVE-2025-11746

The XStore theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 9.5.4 via theetajaxrequiredpluginspopup function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrary .php files on t...

8.8CVSS7.1AI score0.00682EPSS
Exploits0References1
NVD
NVD
added 2025/10/15 3:15 a.m.5 views

CVE-2025-11746

The XStore theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 9.5.4 via theetajaxrequiredpluginspopup function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrary .php files on t...

8.8CVSS0.00682EPSS
Exploits0References2
CVE
CVE
added 2025/10/15 2:26 a.m.17 views

CVE-2025-11746

CVE-2025-11746 is an authenticated Local File Inclusion vulnerability affecting the WordPress XStore/Multi-purpose WooCommerce Theme (versions &lt;= 9.5.4). Exploitation via theet_ajax_required_plugins_popup() enables an attacker with Subscriber+ privileges to include and execute arbitrary PHP co...

8.8CVSS6.8AI score0.00682EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/10/15 2:26 a.m.5 views

CVE-2025-11746 XStore | Multipurpose WooCommerce Theme <= 9.5.4 - Authenticated (Subscriber+) Local File Inclusion

The XStore theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 9.5.4 via theetajaxrequiredpluginspopup function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrary .php files on t...

8.8CVSS6.8AI score0.00682EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/15 2:26 a.m.8 views

CVE-2025-11746 XStore | Multipurpose WooCommerce Theme <= 9.5.4 - Authenticated (Subscriber+) Local File Inclusion

The XStore theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 9.5.4 via theetajaxrequiredpluginspopup function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrary .php files on t...

8.8CVSS0.00682EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/10/15 12:11 a.m.5 views

WordPress XStore theme <= 9.5.4 - Authenticated (Subscriber+) Local File Inclusion vulnerability

Authenticated Subscriber+ Local File Inclusion vulnerability discovered by khanhhnahk1 in WordPress Theme XStore versions = 9.5.4...

8.8CVSS7AI score0.00682EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/10/15 12:0 a.m.5 views

PT-2025-42227

The XStore theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 9.5.4 via theet ajax required plugins popup function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrary .php files ...

8.8CVSS7.1AI score0.00682EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/10/15 12:0 a.m.4 views

WordPress plugin XStore 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A path travers...

8.8CVSS6.5AI score0.00682EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2016-6484

Malware in sbrugna...

6.7CVSS7AI score0.00428EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-1830

Malware in sbrugna...

6.8CVSS6.9AI score0.01447EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-0403

Malware in sbrugna...

6.8CVSS5.6AI score0.01356EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-14966

Malware in sbrugna...

7.6CVSS7.8AI score0.01255EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-15165

Malware in sbrugna...

8.6CVSS8.7AI score0.01698EPSS
Exploits0References3
Rows per page
Query Builder