Lucene search
+L

285 matches found

Positive Technologies
Positive Technologies
added 2024/05/17 12:0 a.m.6 views

PT-2024-22177 · Woocommerce · Premmerce Permalink Manager For Woocommerce

Name of the Vulnerable Software and Affected Versions: Premmerce Permalink Manager for WooCommerce versions prior to 2.3.11 Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as a 'Path Traversal' vulnerability. This vulnerability allow...

8.3CVSS9.4AI score0.0146EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/05/17 12:0 a.m.6 views

WordPress plugin Premmerce Permalink Manager for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.3CVSS8.3AI score0.0146EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/04/08 3:0 p.m.3 views

WordPress Premmerce Product Filter for WooCommerce plugin <= 3.7.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Premmerce Product Filter for WooCommerce versions = 3.7.2...

8.8CVSS7AI score0.00314EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/04/08 12:0 a.m.8 views

WordPress Premmerce Product Filter for WooCommerce Plugin <= 3.7.2 is vulnerable to Broken Access Control

Software Premmerce Product Filter for WooCommerce Type Plugin Vulnerable versions = 3.7.2 Fixed in 3.7.3 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-31359 Patch priority Low CVSS severity Low 4.3 Developer Premmerce PSID 053807f2d4c0 Credits Dhabaleshw...

8.8CVSS6.6AI score0.00314EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/20 12:0 a.m.28 views

Premmerce Permalink Manager for WooCommerce < 2.3.11 - Unauthenticated Local File Inclusion

Description The Premmerce Permalink Manager for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.3.10. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of...

8.3CVSS8.2AI score0.0146EPSS
Exploits0References1Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2024/03/13 12:0 a.m.2 views

VulnCheck KEV: CVE-2024-27971

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Premmerce Premmerce Permalink Manager for WooCommerce allows PHP Local File Inclusion.This issue affects Premmerce Permalink Manager for WooCommerce: from n/a through 2.3.10...

7.3AI score0.0146EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/03/13 12:0 a.m.18 views

WordPress Premmerce Permalink Manager for WooCommerce Plugin <= 2.3.10 is vulnerable to Local File Inclusion

Software Premmerce Permalink Manager for WooCommerce Type Plugin Vulnerable versions = 2.3.10 Fixed in 2.3.11 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-27971 Patch priority High CVSS severity High 8.3 Developer Premmerce PSID cbe4465b62ca Credits Rafie Muhammad...

8.3CVSS6.8AI score0.0146EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/17 12:0 a.m.5 views

Premmerce Redirect Manager < 1.0.12 - Admin+ Stored XSS

Description The plugin is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to 1.0.12 exclusive due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject...

5.9AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/11/23 12:0 a.m.13 views

Premmerce User Roles < 1.0.13 - Missing Authorization via role management functions

Description The Premmerce User Roles plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to missing capability and nonce checks on the 'createRole', 'updateRole', and 'deleteRole' functions in versions up to, and including, 1.0.12. This makes it possible f...

6.7AI score0.00469EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/08/24 12:0 a.m.9 views

WordPress Premmerce User Roles Plugin <= 1.0.12 is vulnerable to Broken Access Control

Software Premmerce User Roles Type Plugin Vulnerable versions = 1.0.12 Fixed in 1.0.13 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-41130 Patch priority High CVSS severity High 8.1 Developer Premmerce PSID 8954c8b59cab Credits Nguyen Xuan Chien Required...

6.6AI score0.00469EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.9 views

WordPress Premmerce Product Filter for WooCommerce Plugin <= 3.7.1 is vulnerable to Cross Site Scripting (XSS)

Software Premmerce Product Filter for WooCommerce Type Plugin Vulnerable versions = 3.7.1 Fixed in 3.7.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Premmerce PSID 0651d3072e8f Credits Rafie Muhamma...

6.2AI score0.00284EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.7 views

WordPress Premmerce Variation Swatches for WooCommerce Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)

Software Premmerce Variation Swatches for WooCommerce Type Plugin Vulnerable versions = 1.2.1 Fixed in 1.2.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Premmerce PSID 2a04ac1c6e8a Credits Rafie...

6.3AI score0.00284EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.10 views

WordPress Premmerce Wishlist for WooCommerce Plugin <= 1.1.9 is vulnerable to Cross Site Scripting (XSS)

Software Premmerce Wishlist for WooCommerce Type Plugin Vulnerable versions = 1.1.9 Fixed in 1.1.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Premmerce PSID aafe83c7ae0e Credits Rafie Muhammad...

6.3AI score0.00284EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.8 views

WordPress Premmerce Frequently Bought Together for WooCommerce Plugin <= 1.0.9 is vulnerable to Cross Site Scripting (XSS)

Software Premmerce Frequently Bought Together for WooCommerce Type Plugin Vulnerable versions = 1.0.9 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 484e6731b7c9 Credi...

6.3AI score0.00284EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.5 views

WordPress Premmerce Product Search for WooCommerce Plugin <= 2.2.3 is vulnerable to Cross Site Scripting (XSS)

Software Premmerce Product Search for WooCommerce Type Plugin Vulnerable versions = 2.2.3 Fixed in 2.2.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Premmerce PSID df89cf768ffd Credits Rafie Muhamma...

6.5AI score0.00284EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.4 views

WordPress Premmerce Plugin <= 1.3.17 is vulnerable to Cross Site Scripting (XSS)

Software Premmerce Type Plugin Vulnerable versions = 1.3.17 Fixed in 1.3.18 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Premmerce PSID 278ff9c96050 Credits Rafie Muhammad Patchstack Required privile...

6.2AI score0.00284EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.5 views

WordPress Premmerce Permalink Manager for WooCommerce Plugin <= 2.3.8 is vulnerable to Cross Site Scripting (XSS)

Software Premmerce Permalink Manager for WooCommerce Type Plugin Vulnerable versions = 2.3.8 Fixed in 2.3.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Premmerce PSID 3d9ba08b3dfc Credits Rafie...

6.3AI score0.00284EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.6 views

WordPress Premmerce Redirect Manager Plugin <= 1.0.9 is vulnerable to Cross Site Scripting (XSS)

Software Premmerce Redirect Manager Type Plugin Vulnerable versions = 1.0.9 Fixed in 1.0.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Premmerce PSID 3596ed68609e Credits Rafie Muhammad Patchstack...

6.8AI score0.00284EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.7 views

WordPress Premmerce SEO for WooCommerce Plugin <= 2.1.5 is vulnerable to Cross Site Scripting (XSS)

Software Premmerce SEO for WooCommerce Type Plugin Vulnerable versions = 2.1.5 Fixed in 2.1.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Premmerce PSID 9b0ae0f180d3 Credits Rafie Muhammad Patchstac...

6.3AI score0.00284EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.11 views

WordPress Premmerce WooCommerce Customers Manager Plugin <= 1.1.13 is vulnerable to Cross Site Scripting (XSS)

Software Premmerce WooCommerce Customers Manager Type Plugin Vulnerable versions = 1.1.13 Fixed in 1.1.14 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Premmerce PSID b3dee6c5c8f0 Credits Rafie Muhamm...

6.2AI score0.00284EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder