CVE-2025-64191 | 8theme XStore Plugin up to 9.6.1 on WordPress cross site scripting

December 18, 2025 Yanac

A vulnerability was found in 8theme XStore Plugin up to 9.6.1 on WordPress. It has been classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2025-64191. It is possible to initiate the attack remotely. There is no exploit available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More