Unrated severityNVD Advisory· Published Jun 4, 2024· Updated Apr 28, 2026
WordPress XStore Core plugin <= 5.3.8 - Local File Inclusion vulnerability
CVE-2024-33557
Description
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in 8theme XStore Core allows PHP Local File Inclusion.This issue affects XStore Core: from n/a through 5.3.8.
Affected products
2<=5.3.8+ 1 more
- (no CPE)range: <=5.3.8
- (no CPE)range: n/a
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.