4 matches found
CVE-2024-33560 WordPress XStore theme <= 9.3.8 - Unauthenticated Local File Inclusion vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in 8theme XStore allows PHP Local File Inclusion.This issue affects XStore: from n/a through 9.3.8...
CVE-2024-33560 WordPress XStore theme <= 9.3.8 - Unauthenticated Local File Inclusion vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in 8theme XStore allows PHP Local File Inclusion.This issue affects XStore: from n/a through 9.3.8...
CVE-2024-33560
CVE-2024-33560 affects 8theme XStore (WordPress theme). The vulnerability is described as an improper limitation of a pathname to a restricted directory, enabling PHP Local File Inclusion (LFI). The issue impacts XStore versions from n/a up to 9.3.8 (per initial doc) and is echoed in multiple CVE...
WordPress XStore Theme <= 9.3.8 is vulnerable to Local File Inclusion
Software XStore Type Theme Vulnerable versions = 9.3.8 Fixed in 9.3.9 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-33560 Patch priority High CVSS severity High 9 Developer Claim ownership PSID 6dff12fe54af Credits Rafie Muhammad Patchstack Required privilege...