CVE-2025-64192 | 8theme XStore Plugin up to 9.6 on WordPress authorization

December 18, 2025 Yanac

A vulnerability was found in 8theme XStore Plugin up to 9.6 on WordPress. It has been declared as critical. This affects an unknown part. The manipulation results in missing authorization.

This vulnerability is known as CVE-2025-64192. It is possible to launch the attack remotely. No exploit is available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More

CVE-2025-64260 | Marco Milesi ANAC XML Bandi di Gara Plugin up to 7.7 on WordPress cross site scripting
CVE-2025-64191 | 8theme XStore Plugin up to 9.6.1 on WordPress cross site scripting