Lucene search
K

41 matches found

CNNVD
CNNVD
added 2025/11/06 12:0 a.m.4 views

WordPress plugin Premmerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

7.5CVSS6.7AI score0.0042EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/29 8:38 a.m.9 views

CVE-2025-64288 WordPress Premmerce plugin <= 1.3.19 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Premmerce Premmerce premmerce allows Cross Site Request Forgery.This issue affects Premmerce: from n/a through = 1.3.19...

4.3CVSS0.00117EPSS
Exploits0References1
CVE
CVE
added 2025/10/29 8:38 a.m.9 views

CVE-2025-64288

The CVE-2025-64288 entry refers to a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress Premmerce plugin, affecting versions through 1.3.19. The issue is documented in multiple sources (NVD/Red Hat/EUVD/CIRCL/etc.) with consistent wording that Premmerce allows CSRF. The core affecte...

4.3CVSS6.5AI score0.00117EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/29 8:38 a.m.3 views

CVE-2025-64288 WordPress Premmerce plugin <= 1.3.19 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Premmerce Premmerce premmerce allows Cross Site Request Forgery.This issue affects Premmerce: from n/a through = 1.3.19...

4.3CVSS6.5AI score0.00117EPSS
Exploits0References1
CVE
CVE
added 2025/10/29 8:38 a.m.29 views

CVE-2025-64285

CVE-2025-64285 affects the WordPress plugin Premmerce Wholesale Pricing for WooCommerce (versions through 1.1.10). Root cause: missing authorization due to incorrectly configured access control security levels, enabling potential unauthorized access. Impact: broken access control could allow priv...

5.4CVSS6.6AI score0.00197EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/29 12:0 a.m.6 views

WordPress plugin Premmerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

4.3CVSS6.5AI score0.00117EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-27805

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.00221EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/07/02 5:24 a.m.5 views

WordPress Premmerce plugin <= 1.3.19 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Ryan Novotny in WordPress Plugin Premmerce versions = 1.3.19...

7.5CVSS7AI score0.0042EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 5:12 a.m.11 views

CVE-2023-23719

Cross-Site Request Forgery CSRF vulnerability in Premmerce plugin = 1.3.17 versions...

8.8CVSS7.1AI score0.00221EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/05/10 6:23 p.m.4 views

WordPress Premmerce plugin <= 1.3.19 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin Premmerce versions = 1.3.19...

4.3CVSS7AI score0.00117EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/07/18 12:0 a.m.12 views

Premmerce < 1.3.17 - Cross-Site Request Forgery

Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS8.7AI score0.00221EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/07/17 11:15 a.m.0 views

CVE-2023-23719

Cross-Site Request Forgery CSRF vulnerability in Premmerce plugin = 1.3.17 versions...

8.8CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2023/07/17 11:15 a.m.11 views

CVE-2023-23719

Cross-Site Request Forgery CSRF vulnerability in Premmerce plugin = 1.3.17 versions...

8.8CVSS0.00221EPSS
Exploits0References1
Prion
Prion
added 2023/07/17 11:15 a.m.9 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Premmerce plugin = 1.3.17 versions...

6.8CVSS8.8AI score0.00221EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/07/17 10:54 a.m.14 views

CVE-2023-23719 WordPress Premmerce Plugin <= 1.3.17 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Premmerce plugin = 1.3.17 versions...

5.4CVSS7.1AI score0.00221EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/07/17 10:54 a.m.20 views

CVE-2023-23719 WordPress Premmerce Plugin <= 1.3.17 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Premmerce plugin = 1.3.17 versions...

5.4CVSS9AI score0.00221EPSS
Exploits0References1
CVE
CVE
added 2023/07/17 10:54 a.m.42 views

CVE-2023-23719

CVE-2023-23719 affects the WordPress Premmerce plugin, with CSRF vulnerabilities in versions up to 1.3.17 (and variants noted up to 1.3.18 in some sources). The underlying issue is CSRF checks missing in specific paths, enabling unauthorized actions by authenticated users who are tricked into req...

8.8CVSS7.1AI score0.00221EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/07/17 12:0 a.m.3 views

PT-2023-19157 · WordPress · Premmerce

Name of the Vulnerable Software and Affected Versions: Premmerce plugin versions = 1.3.17 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web application tha...

8.8CVSS8.4AI score0.00221EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/07/17 12:0 a.m.3 views

WordPress Plugin Premmerce 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

8.8CVSS7.7AI score0.00221EPSS
Exploits0References2
Patchstack
Patchstack
added 2023/04/20 12:0 a.m.11 views

WordPress Premmerce Plugin <= 1.3.18 is vulnerable to Cross Site Request Forgery (CSRF)

Software Premmerce Type Plugin Vulnerable versions = 1.3.18 Fixed in 1.3.19 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-23719 Patch priority Low CVSS severity Low 5.4 Developer Premmerce PSID fb315e7c6849 Credits István Márton Required...

8.8CVSS7AI score0.00221EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder