CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

24 matches found

NVD•added 4 days ago•5 views

CVE-2026-54849

Unauthenticated SQL Injection in Premmerce Wishlist for WooCommerce = 1.1.11 versions...

9.3CVSS0.00229EPSS

Exploits0References1

Cvelist•added 4 days ago•30 views

CVE-2026-54849 WordPress Premmerce Wishlist for WooCommerce plugin <= 1.1.11 - SQL Injection vulnerability

Unauthenticated SQL Injection in Premmerce Wishlist for WooCommerce = 1.1.11 versions...

9.3CVSS0.00229EPSS

Exploits0References1

EUVD•added 4 days ago•4 views

EUVD-2026-39373

Unauthenticated SQL Injection in Premmerce Wishlist for WooCommerce = 1.1.11 versions...

9.3CVSS5.9AI score0.00229EPSS

Exploits0References1

CVE•added 4 days ago•17 views

CVE-2026-54849

CVE-2026-54849 concerns WordPress Premmerce Wishlist for WooCommerce plugin versions <= 1.1.11, with unauthenticated SQL injection vulnerability. The connected records confirm the affected software (Premmerce Wishlist for WooCommerce), the vulnerable component (the plugin’s request handling le...

9.3CVSS5.9AI score0.00229EPSS

Exploits0References1

Patchstack•added 2026/06/18 2:29 p.m.•4 views

WordPress Premmerce Wishlist for WooCommerce plugin <= 1.1.11 - SQL Injection vulnerability

SQL Injection vulnerability discovered by hhhai in WordPress Plugin Premmerce Wishlist for WooCommerce versions = 1.1.11...

9.3CVSS6AI score0.00229EPSS

Exploits0Affected Software1

RedhatCVE•added 2025/12/13 3:59 a.m.•6 views

CVE-2025-13440

The Premmerce Wishlist for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.1.10. This is due to a missing capability check on the deleteWishlist function. This makes it possible for authenticated attackers, with Subscriber-level acce...

5.3CVSS5.4AI score0.00286EPSS

Exploits0References1

EUVD•added 2025/12/12 6:31 a.m.•3 views

EUVD-2025-202984

5.3CVSS4.9AI score0.00286EPSS

Exploits0References4

NVD•added 2025/12/12 4:15 a.m.•3 views

CVE-2025-13440

5.3CVSS0.00286EPSS

Exploits0References4

Vulnrichment•added 2025/12/12 3:20 a.m.•1 views

CVE-2025-13440 Premmerce Wishlist for WooCommerce <= 1.1.10 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Wishlist Deletion

5.3CVSS5AI score0.00286EPSS

Exploits0References3

Cvelist•added 2025/12/12 3:20 a.m.•26 views

CVE-2025-13440 Premmerce Wishlist for WooCommerce <= 1.1.10 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Wishlist Deletion

5.3CVSS0.00286EPSS

Exploits0References4

CVE•added 2025/12/12 3:20 a.m.•15 views

CVE-2025-13440

CVE-2025-13440 affects Premmerce Wishlist for WooCommerce (WordPress). The flaw is Missing Authorization via deleteWishlist(), allowing authenticated users with Subscriber+ access to delete arbitrary wishlists in versions up to 1.1.10. Root cause: missing capability check in the deleteWishlist() ...

5.3CVSS5AI score0.00286EPSS

Exploits0References4

Positive Technologies•added 2025/12/12 12:0 a.m.•5 views

PT-2025-50820

5.3CVSS5.4AI score0.00286EPSS

Exploits0References4

CNNVD•added 2025/12/12 12:0 a.m.•2 views

WordPress plugin Premmerce Wishlist for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

5.3CVSS6.5AI score0.00286EPSS

Exploits0References3

RedhatCVE•added 2025/11/07 5:33 p.m.•6 views

CVE-2025-60191

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Premmerce Premmerce Wishlist for WooCommerce premmerce-woocommerce-wishlist allows PHP Local File Inclusion.This issue affects Premmerce Wishlist for WooCommerce: from n/a throug...

7.5CVSS7.1AI score0.0037EPSS

Exploits0References1

EUVD•added 2025/11/06 6:32 p.m.•3 views

EUVD-2025-38124

7.5CVSS6.6AI score0.0037EPSS

Exploits0References2

NVD•added 2025/11/06 4:16 p.m.•5 views

CVE-2025-60191

7.5CVSS0.0037EPSS

Exploits0References1

Vulnrichment•added 2025/11/06 3:54 p.m.•1 views

CVE-2025-60191 WordPress Premmerce Wishlist for WooCommerce plugin <= 1.1.10 - Local File Inclusion vulnerability

7.5CVSS6.7AI score0.0037EPSS

Exploits0References1

Cvelist•added 2025/11/06 3:54 p.m.•8 views

CVE-2025-60191 WordPress Premmerce Wishlist for WooCommerce plugin <= 1.1.10 - Local File Inclusion vulnerability

7.5CVSS0.0037EPSS

Exploits0References1

CVE•added 2025/11/06 3:54 p.m.•9 views

CVE-2025-60191

The CVE-2025-60191 issue affects the WordPress Premmerce Wishlist for WooCommerce plugin (versions up to 1.1.10). It is described as an Improper Control of Filename for Include/Require Statement, enabling PHP Local File Inclusion. Connected sources (Red Hat, EUVD, CVE lists, CNNVD, VulnEnrichment...

7.5CVSS6.7AI score0.0037EPSS

Exploits0References1

CNNVD•added 2025/11/06 12:0 a.m.•3 views

WordPress plugin Premmerce Wishlist for WooCommerce 安全漏洞

7.5CVSS6.6AI score0.0037EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by