CVE-2026-25006 | 8theme XStore Plugin up to 9.6.4 on WordPress cross site scripting

February 19, 2026 Yanac

A vulnerability, which was classified as problematic, has been found in 8theme XStore Plugin up to 9.6.4 on WordPress. This issue affects some unknown processing. The manipulation leads to basic cross site scripting.

This vulnerability is listed as CVE-2026-25006. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More

CVE-2026-25000 | Kraft Plugins Wheel of Life Plugin up to 1.2.0 on WordPress authorization
CVE-2026-27092 | Greg Winiarski WPAdverts Plugin up to 2.2.11 on WordPress authorization