Vulnerabilities in Premmerce

27 results

CVE-2024-27971HIGHWordPress Premmerce Permalink Manager for WooCommerce plugin <= 2.3.10 - Local File Inclusion vulnerabilityEPSS 1.5%CVE-2026-6933HIGHPremmerce Dev Tools <= 2.0 - Missing Authorization to Authenticated (Subscriber+) Remote Code Execution via Plugin CreationEPSS 0.6%CVE-2023-41130HIGHWordPress Premmerce User Roles plugin <= 1.0.12 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2022-4974MEDIUMFreemius SDK <= 2.4.2 - Missing Authorization ChecksEPSS 0.4%CVE-2023-23789MEDIUMWordPress Premmerce Redirect Manager Plugin <= 1.0.9 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2025-60241HIGHWordPress Premmerce plugin <= 1.3.19 - Local File Inclusion vulnerabilityEPSS 0.4%CVE-2025-60194HIGHWordPress Premmerce Product Search for WooCommerce plugin <= 2.2.4 - Local File Inclusion vulnerabilityEPSS 0.4%CVE-2025-60193HIGHWordPress Premmerce User Roles plugin <= 1.0.13 - Local File Inclusion vulnerabilityEPSS 0.4%CVE-2025-60192HIGHWordPress Premmerce Wholesale Pricing for WooCommerce plugin <= 1.1.10 - Local File Inclusion vulnerabilityEPSS 0.4%CVE-2025-60191HIGHWordPress Premmerce Wishlist for WooCommerce plugin <= 1.1.10 - Local File Inclusion vulnerabilityEPSS 0.4%CVE-2024-31359MEDIUMWordPress Premmerce Product Filter for WooCommerce plugin <= 3.7.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-23787MEDIUMWordPress Premmerce Redirect Manager Plugin <= 1.0.9 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2025-13440MEDIUMPremmerce Wishlist for WooCommerce <= 1.1.10 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Wishlist DeletionEPSS 0.3%CVE-2024-13362MEDIUMFreemius <= 2.10.1 - Reflected DOM-Based Cross-Site Scripting via url ParameterEPSS 0.3%CVE-2025-13369MEDIUMPremmerce WooCommerce Customers Manager <= 1.1.14 - Reflected Cross-Site ScriptingEPSS 0.3%CVE-2026-0555MEDIUMPremmerce <= 1.3.20 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'premmerce_wizard_actions' AJAX EndpointEPSS 0.2%CVE-2025-12783MEDIUMPremmerce Brands for WooCommerce <= 1.2.13 - Missing Authorization To Authenticated (Subscriber+) Brand Permalink Settings UpdateEPSS 0.2%CVE-2025-12411HIGHPremmerce Wholesale Pricing for WooCommerce <= 1.1.10 - Authenticated (Subscriber+) SQL InjectionEPSS 0.2%CVE-2025-62883MEDIUMWordPress Premmerce User Roles plugin <= 1.0.13 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2023-23719MEDIUMWordPress Premmerce Plugin <= 1.3.17 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%

← previouspage 1 / 2next →