WordPress XStore Core plugin <= 5.3.8 - Unauthenticated Account Takeover vulnerability
CVE-2024-33552
9.8CRITICAL
What is CVE-2024-33552?
The vulnerability identified in XStore Core by 8theme relates to improper privilege management, which allows unauthorized users to potentially escalate their privileges. This can lead to unauthorized access to sensitive data or operations within the application. Affected versions span from the earliest release up to 5.3.8, highlighting the importance of updating to secure user interactions and maintain administrative control.
Affected Version(s)
XStore Core <= 5.3.8