279 matches found
WordPress Premmerce Dev Tools plugin <= 2.0 - Missing Authorization to Authenticated (Subscriber+) Remote Code Execution vulnerability
Missing Authorization to Authenticated Subscriber+ Remote Code Execution vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin Premmerce Dev Tools versions = 2.0...
CVE-2026-6933
The Premmerce Dev Tools plugin for WordPress is vulnerable to Remote Code Execution via missing authorization in versions up to and including 2.0. This is due to the 'generatePluginHandler' function lacking any authorization check before processing user-supplied POST data, combined with the...
CVE-2026-6933 Premmerce Dev Tools <= 2.0 - Missing Authorization to Authenticated (Subscriber+) Remote Code Execution via Plugin Creation
The Premmerce Dev Tools plugin for WordPress is vulnerable to Remote Code Execution via missing authorization in versions up to and including 2.0. This is due to the 'generatePluginHandler' function lacking any authorization check before processing user-supplied POST data, combined with the...
CVE-2026-6933
The CVE covers the Premmerce Dev Tools WordPress plugin (versions
PT-2026-49618
The Premmerce Dev Tools plugin for WordPress is vulnerable to Remote Code Execution via missing authorization in versions up to and including 2.0. This is due to the 'generatePluginHandler' function lacking any authorization check before processing user-supplied POST data, combined with the...
WordPress Premmerce Permalink Manager for WooCommerce plugin <= 2.3.11 - Unauthenticated Reflected Cross-Site Scripting vulnerability
Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Premmerce Permalink Manager for WooCommerce versions = 2.3.11...
WordPress Premmerce Product Filter for WooCommerce plugin <= 3.7.3 - Unauthenticated Reflected Cross-Site Scripting vulnerability
Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Premmerce Product Filter for WooCommerce versions = 3.7.3...
CVE-2026-32541
Missing Authorization vulnerability in Premmerce Premmerce Redirect Manager premmerce-redirect-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Premmerce Redirect Manager: from n/a through = 1.0.12...
EUVD-2026-15917
Missing Authorization vulnerability in Premmerce Premmerce Redirect Manager premmerce-redirect-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Premmerce Redirect Manager: from n/a through = 1.0.12...
CVE-2026-32541
Missing Authorization vulnerability in Premmerce Premmerce Redirect Manager premmerce-redirect-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Premmerce Redirect Manager: from n/a through = 1.0.12...
CVE-2026-32541 WordPress Premmerce Redirect Manager plugin <= 1.0.12 - Broken Access Control vulnerability
Missing Authorization vulnerability in Premmerce Premmerce Redirect Manager premmerce-redirect-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Premmerce Redirect Manager: from n/a through = 1.0.12...
CVE-2026-32541
Missing Authorization vulnerability in Premmerce Premmerce Redirect Manager premmerce-redirect-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Premmerce Redirect Manager: from n/a through = 1.0.12...
CVE-2026-32541 WordPress Premmerce Redirect Manager plugin <= 1.0.12 - Broken Access Control vulnerability
Missing Authorization vulnerability in Premmerce Premmerce Redirect Manager premmerce-redirect-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Premmerce Redirect Manager: from n/a through = 1.0.12...
CVE-2026-32541
CVE-2026-32541 concerns the WordPress plugin Premmerce Redirect Manager . The connected Wordfence document indicates a Missing Authorization issue affecting the plugin, with vulnerable versions listed as from n/a through
WordPress plugin Premmerce Redirect Manager 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress Premmerce Redirect Manager plugin <= 1.0.12 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Que Thanh Tuan in WordPress Plugin Premmerce Redirect Manager versions = 1.0.12...
WordPress Premmerce plugin <= 1.3.20 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'premmerce_wizard_actions' AJAX Endpoint vulnerability
Authenticated Subscriber+ Stored Cross-Site Scripting via 'premmercewizardactions' AJAX Endpoint vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Premmerce versions = 1.3.20...
CVE-2026-0555
The Premmerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'premmercewizardactions' AJAX endpoint in all versions up to, and including, 1.3.20. This is due to missing capability checks and insufficient input sanitization and output escaping on the state parameter. Thi...
CVE-2026-0555
The Premmerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'premmercewizardactions' AJAX endpoint in all versions up to, and including, 1.3.20. This is due to missing capability checks and insufficient input sanitization and output escaping on the state parameter. Thi...
CVE-2026-0555 Premmerce <= 1.3.20 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'premmerce_wizard_actions' AJAX Endpoint
The Premmerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'premmercewizardactions' AJAX endpoint in all versions up to, and including, 1.3.20. This is due to missing capability checks and insufficient input sanitization and output escaping on the state parameter. Thi...