CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

274 matches found

Patchstack•added 2026/05/01 9:17 a.m.•3 views

WordPress Premmerce Permalink Manager for WooCommerce plugin <= 2.3.11 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Premmerce Permalink Manager for WooCommerce versions = 2.3.11...

6.1CVSS5.8AI score0.00135EPSS

Exploits0References1Affected Software1

Patchstack•added 2026/05/01 9:17 a.m.•3 views

WordPress Premmerce Product Filter for WooCommerce plugin <= 3.7.3 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Premmerce Product Filter for WooCommerce versions = 3.7.3...

6.1CVSS5.8AI score0.00135EPSS

Exploits0References1Affected Software1

RedhatCVE•added 2026/03/26 5:2 p.m.•0 views

CVE-2026-32541

Missing Authorization vulnerability in Premmerce Premmerce Redirect Manager premmerce-redirect-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Premmerce Redirect Manager: from n/a through = 1.0.12...

6.5CVSS5.8AI score0.00037EPSS

Exploits0References1

EUVD•added 2026/03/25 6:31 p.m.•1 views

EUVD-2026-15917

5.8AI score0.00037EPSS

Exploits0References2

NVD•added 2026/03/25 5:17 p.m.•0 views

CVE-2026-32541

6.5CVSS0.00037EPSS

Exploits0References1

ATTACKERKB•added 2026/03/25 4:15 p.m.•0 views

CVE-2026-32541

5.8AI score0.00037EPSS

Exploits0References2

Vulnrichment•added 2026/03/25 4:15 p.m.•0 views

CVE-2026-32541 WordPress Premmerce Redirect Manager plugin <= 1.0.12 - Broken Access Control vulnerability

5.8AI score0.00037EPSS

Exploits0References1

Cvelist•added 2026/03/25 4:15 p.m.•21 views

CVE-2026-32541 WordPress Premmerce Redirect Manager plugin <= 1.0.12 - Broken Access Control vulnerability

6.5CVSS0.00037EPSS

Exploits0References1

CVE•added 2026/03/25 4:15 p.m.•3 views

CVE-2026-32541

CVE-2026-32541 concerns the WordPress plugin Premmerce Redirect Manager . The connected Wordfence document indicates a Missing Authorization issue affecting the plugin, with vulnerable versions listed as from n/a through

6.5CVSS5.8AI score0.00037EPSS

Exploits0References1

CNNVD•added 2026/03/25 12:0 a.m.•2 views

WordPress plugin Premmerce Redirect Manager 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.5CVSS5.8AI score0.00037EPSS

Exploits0References1

Patchstack•added 2026/03/20 1:47 p.m.•2 views

WordPress Premmerce Redirect Manager plugin <= 1.0.12 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Que Thanh Tuan in WordPress Plugin Premmerce Redirect Manager versions = 1.0.12...

6.5CVSS5.8AI score0.00037EPSS

Exploits0Affected Software1

Patchstack•added 2026/02/18 8:13 a.m.•4 views

WordPress Premmerce plugin <= 1.3.20 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'premmerce_wizard_actions' AJAX Endpoint vulnerability

Authenticated Subscriber+ Stored Cross-Site Scripting via 'premmercewizardactions' AJAX Endpoint vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Premmerce versions = 1.3.20...

6.4CVSS5.5AI score0.00017EPSS

Exploits0References1Affected Software1

RedhatCVE•added 2026/02/08 1:3 p.m.•5 views

CVE-2026-0555

The Premmerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'premmercewizardactions' AJAX endpoint in all versions up to, and including, 1.3.20. This is due to missing capability checks and insufficient input sanitization and output escaping on the state parameter. Thi...

6.4CVSS5.6AI score0.00017EPSS

Exploits0References1

NVD•added 2026/02/07 9:15 a.m.•2 views

CVE-2026-0555

6.4CVSS0.00017EPSS

Exploits0References6

Cvelist•added 2026/02/07 8:26 a.m.•20 views

CVE-2026-0555 Premmerce <= 1.3.20 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'premmerce_wizard_actions' AJAX Endpoint

6.4CVSS0.00017EPSS

Exploits0References6

CVE•added 2026/02/07 8:26 a.m.•10 views

CVE-2026-0555

The Premmerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the premmerce_wizard_actions AJAX endpoint in all versions up to and including 1.3.20. The root cause is missing capability checks and insufficient input sanitization and output escaping on the state parameter, en...

6.4CVSS5.6AI score0.00017EPSS

Exploits0References6

Vulnrichment•added 2026/02/07 8:26 a.m.•1 views

CVE-2026-0555 Premmerce <= 1.3.20 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'premmerce_wizard_actions' AJAX Endpoint

6.4CVSS5.8AI score0.00017EPSS

Exploits0References6

EUVD•added 2026/02/07 8:26 a.m.•4 views

EUVD-2026-5740

6.4CVSS5.6AI score0.00017EPSS

Exploits0References5

ATTACKERKB•added 2026/02/07 8:26 a.m.•2 views

CVE-2026-0555

6.4CVSS5.6AI score0.00017EPSS

Exploits0References6

Positive Technologies•added 2026/02/07 12:0 a.m.•3 views

PT-2026-6887

Name of the Vulnerable Software and Affected Versions Premmerce plugin for WordPress versions up to and including 1.3.20 Description The Premmerce plugin for WordPress is susceptible to Stored Cross-Site Scripting through the premmerce wizard actions API endpoint. The issue stems from a lack of...

6.4CVSS5.5AI score0.00017EPSS

Exploits0References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by