VYPR
Unrated severityNVD Advisory· Published Jun 4, 2024· Updated Apr 28, 2026

WordPress XStore Core plugin <= 5.3.8 - Local File Inclusion vulnerability

CVE-2024-33557

Description

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in 8theme XStore Core allows PHP Local File Inclusion.This issue affects XStore Core: from n/a through 5.3.8.

Affected products

2
  • 8theme/Xstore Corellm-fuzzy2 versions
    <=5.3.8+ 1 more
    • (no CPE)range: <=5.3.8
    • (no CPE)range: n/a

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.