CVE-2025-64189 | 8theme XStore Core Plugin up to 5.6 on WordPress cross site scripting

December 18, 2025 Yanac

A vulnerability was found in 8theme XStore Core Plugin up to 5.6 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality. Executing manipulation can lead to cross site scripting.

This vulnerability appears as CVE-2025-64189. The attack may be performed from remote. There is no available exploit.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More