Lucene search
K

20 matches found

Patchstack
Patchstack
added 2025/12/31 12:0 a.m.6 views

WordPress Premmerce Brands for WooCommerce plugin <= 1.2.13 - Missing Authorization To Authenticated (Subscriber+) Brand Permalink Settings Update vulnerability

Missing Authorization To Authenticated Subscriber+ Brand Permalink Settings Update vulnerability discovered by WordFence in WordPress Plugin Premmerce Brands for WooCommerce versions = 1.2.13...

4.3CVSS5.9AI score0.00238EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/13 3:59 a.m.3 views

CVE-2025-12783

The Premmerce Brands for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the saveBrandsSettings function in all versions up to, and including, 1.2.13. This makes it possible for authenticated attackers, with Subscriber-level...

4.3CVSS5.1AI score0.00238EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/12 6:31 a.m.3 views

EUVD-2025-202993

The Premmerce Brands for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the saveBrandsSettings function in all versions up to, and including, 1.2.13. This makes it possible for authenticated attackers, with Subscriber-level...

4.3CVSS4.6AI score0.00238EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/12 3:20 a.m.1 views

CVE-2025-12783 Premmerce Brands for WooCommerce <= 1.2.13 - Missing Authorization To Authenticated (Subscriber+) Brand Permalink Settings Update

The Premmerce Brands for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the saveBrandsSettings function in all versions up to, and including, 1.2.13. This makes it possible for authenticated attackers, with Subscriber-level...

4.3CVSS4.7AI score0.00238EPSS
Exploits0References2
CVE
CVE
added 2025/12/12 3:20 a.m.9 views

CVE-2025-12783

CVE-2025-12783 affects the Premmerce Brands for WooCommerce WordPress plugin (impact on brand permalink settings). Public details indicate a missing capability check in the saveBrandsSettings function, affecting all versions up to 1.2.13. This enables authenticated users with Subscriber-level acc...

4.3CVSS4.7AI score0.00238EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/12 3:20 a.m.30 views

CVE-2025-12783 Premmerce Brands for WooCommerce <= 1.2.13 - Missing Authorization To Authenticated (Subscriber+) Brand Permalink Settings Update

The Premmerce Brands for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the saveBrandsSettings function in all versions up to, and including, 1.2.13. This makes it possible for authenticated attackers, with Subscriber-level...

4.3CVSS0.00238EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/12 12:0 a.m.6 views

PT-2025-50807

The Premmerce Brands for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the saveBrandsSettings function in all versions up to, and including, 1.2.13. This makes it possible for authenticated attackers, with Subscriber-level...

4.3CVSS5.1AI score0.00238EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/12 12:0 a.m.4 views

WordPress plugin Premmerce Brands for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

4.3CVSS6.3AI score0.00238EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/10/28 1:34 a.m.4 views

CVE-2025-62890

Cross-Site Request Forgery CSRF vulnerability in Premmerce Premmerce Brands for WooCommerce premmerce-woocommerce-brands allows Cross Site Request Forgery.This issue affects Premmerce Brands for WooCommerce: from n/a through = 1.2.13...

4.3CVSS6.9AI score0.00128EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/27 3:30 a.m.3 views

EUVD-2025-36048

Cross-Site Request Forgery CSRF vulnerability in Premmerce Premmerce Brands for WooCommerce premmerce-woocommerce-brands allows Cross Site Request Forgery.This issue affects Premmerce Brands for WooCommerce: from n/a through = 1.2.13...

6.3AI score0.00128EPSS
Exploits0References2
NVD
NVD
added 2025/10/27 2:15 a.m.5 views

CVE-2025-62890

Cross-Site Request Forgery CSRF vulnerability in Premmerce Premmerce Brands for WooCommerce premmerce-woocommerce-brands allows Cross Site Request Forgery.This issue affects Premmerce Brands for WooCommerce: from n/a through = 1.2.13...

4.3CVSS0.00128EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/27 1:33 a.m.1 views

CVE-2025-62890 WordPress Premmerce Brands for WooCommerce plugin <= 1.2.13 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Premmerce Premmerce Brands for WooCommerce premmerce-woocommerce-brands allows Cross Site Request Forgery.This issue affects Premmerce Brands for WooCommerce: from n/a through = 1.2.13...

4.3CVSS6.5AI score0.00128EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/27 1:33 a.m.8 views

CVE-2025-62890 WordPress Premmerce Brands for WooCommerce plugin <= 1.2.13 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Premmerce Premmerce Brands for WooCommerce premmerce-woocommerce-brands allows Cross Site Request Forgery.This issue affects Premmerce Brands for WooCommerce: from n/a through = 1.2.13...

4.3CVSS0.00128EPSS
Exploits0References1
CVE
CVE
added 2025/10/27 1:33 a.m.13 views

CVE-2025-62890

CVE-2025-62890 is a CSRF vulnerability in the WordPress plugin Premmerce Brands for WooCommerce (versions n/a through 1.2.13). The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) yields a base score of 4.3 (Medium). The Red Hat and NVD entries corroborate that the issue concerns Cross-Site ...

4.3CVSS6.5AI score0.00128EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.2 views

WordPress plugin Premmerce Brands for WooCommerce 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

4.3CVSS6.6AI score0.00128EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.3 views

PT-2025-43769

Cross-Site Request Forgery CSRF vulnerability in Premmerce Premmerce Brands for WooCommerce premmerce-woocommerce-brands allows Cross Site Request Forgery.This issue affects Premmerce Brands for WooCommerce: from n/a through = 1.2.13...

8.8CVSS6.9AI score0.00128EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/08/22 10:53 a.m.4 views

WordPress Premmerce Brands for WooCommerce plugin <= 1.2.13 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Bao BlueRock in WordPress Plugin Premmerce Brands for WooCommerce versions = 1.2.13...

8.8CVSS7AI score0.00128EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.5 views

WordPress Premmerce Brands for WooCommerce Plugin <= 1.2.12 is vulnerable to Cross Site Scripting (XSS)

Software Premmerce Brands for WooCommerce Type Plugin Vulnerable versions = 1.2.12 Fixed in 1.2.13 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Premmerce PSID d85a12b3ec66 Credits Rafie Muhammad...

6.3AI score0.00284EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.9 views

WordPress Premmerce Brands for WooCommerce plugin <= 1.2.11 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Premmerce Brands for WooCommerce plugin versions = 1.2.11. Solution Update the WordPress Premmerce Brands for WooCommerce plugin to the latest available version at least 1.2.12...

4.1AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.14 views

WordPress Premmerce Brands for WooCommerce plugin <= 1.2.11 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Premmerce Brands for WooCommerce plugin versions = 1.2.11. Solution Update the WordPress Premmerce Brands for WooCommerce plugin to the latest available version at least 1.2.12...

2.8AI score
Exploits0References2Affected Software1
Rows per page
Query Builder