4 matches found
CVE-2024-33552 WordPress XStore Core plugin <= 5.3.8 - Unauthenticated Account Takeover vulnerability
Improper Privilege Management vulnerability in 8theme XStore Core allows Privilege Escalation.This issue affects XStore Core: from n/a through 5.3.8...
CVE-2024-33552 WordPress XStore Core plugin <= 5.3.8 - Unauthenticated Account Takeover vulnerability
Improper Privilege Management vulnerability in 8theme XStore Core allows Privilege Escalation.This issue affects XStore Core: from n/a through 5.3.8...
CVE-2024-33552
CVE-2024-33552 is an Unauthenticated Privilege Escalation in 8theme XStore Core (WordPress plugin). Affected: XStore Core up to version 5.3.8 (reports indicate “from n/a through 5.3.8”). Root cause: improper privilege management enabling escalation. Impact per sources: high confidentiality/integr...
WordPress XStore Core Plugin <= 5.3.8 is vulnerable to Privilege Escalation
Software XStore Core Type Plugin Vulnerable versions = 5.3.8 Fixed in 5.3.9 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-33552 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID d1199dede4c1 Credits Rafie...