285 matches found
PT-2024-22177 · Woocommerce · Premmerce Permalink Manager For Woocommerce
Name of the Vulnerable Software and Affected Versions: Premmerce Permalink Manager for WooCommerce versions prior to 2.3.11 Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as a 'Path Traversal' vulnerability. This vulnerability allow...
WordPress plugin Premmerce Permalink Manager for WooCommerce 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress Premmerce Product Filter for WooCommerce plugin <= 3.7.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Premmerce Product Filter for WooCommerce versions = 3.7.2...
WordPress Premmerce Product Filter for WooCommerce Plugin <= 3.7.2 is vulnerable to Broken Access Control
Software Premmerce Product Filter for WooCommerce Type Plugin Vulnerable versions = 3.7.2 Fixed in 3.7.3 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-31359 Patch priority Low CVSS severity Low 4.3 Developer Premmerce PSID 053807f2d4c0 Credits Dhabaleshw...
Premmerce Permalink Manager for WooCommerce < 2.3.11 - Unauthenticated Local File Inclusion
Description The Premmerce Permalink Manager for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.3.10. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of...
VulnCheck KEV: CVE-2024-27971
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Premmerce Premmerce Permalink Manager for WooCommerce allows PHP Local File Inclusion.This issue affects Premmerce Permalink Manager for WooCommerce: from n/a through 2.3.10...
WordPress Premmerce Permalink Manager for WooCommerce Plugin <= 2.3.10 is vulnerable to Local File Inclusion
Software Premmerce Permalink Manager for WooCommerce Type Plugin Vulnerable versions = 2.3.10 Fixed in 2.3.11 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-27971 Patch priority High CVSS severity High 8.3 Developer Premmerce PSID cbe4465b62ca Credits Rafie Muhammad...
Premmerce Redirect Manager < 1.0.12 - Admin+ Stored XSS
Description The plugin is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to 1.0.12 exclusive due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject...
Premmerce User Roles < 1.0.13 - Missing Authorization via role management functions
Description The Premmerce User Roles plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to missing capability and nonce checks on the 'createRole', 'updateRole', and 'deleteRole' functions in versions up to, and including, 1.0.12. This makes it possible f...
WordPress Premmerce User Roles Plugin <= 1.0.12 is vulnerable to Broken Access Control
Software Premmerce User Roles Type Plugin Vulnerable versions = 1.0.12 Fixed in 1.0.13 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-41130 Patch priority High CVSS severity High 8.1 Developer Premmerce PSID 8954c8b59cab Credits Nguyen Xuan Chien Required...
WordPress Premmerce Product Filter for WooCommerce Plugin <= 3.7.1 is vulnerable to Cross Site Scripting (XSS)
Software Premmerce Product Filter for WooCommerce Type Plugin Vulnerable versions = 3.7.1 Fixed in 3.7.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Premmerce PSID 0651d3072e8f Credits Rafie Muhamma...
WordPress Premmerce Variation Swatches for WooCommerce Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)
Software Premmerce Variation Swatches for WooCommerce Type Plugin Vulnerable versions = 1.2.1 Fixed in 1.2.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Premmerce PSID 2a04ac1c6e8a Credits Rafie...
WordPress Premmerce Wishlist for WooCommerce Plugin <= 1.1.9 is vulnerable to Cross Site Scripting (XSS)
Software Premmerce Wishlist for WooCommerce Type Plugin Vulnerable versions = 1.1.9 Fixed in 1.1.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Premmerce PSID aafe83c7ae0e Credits Rafie Muhammad...
WordPress Premmerce Frequently Bought Together for WooCommerce Plugin <= 1.0.9 is vulnerable to Cross Site Scripting (XSS)
Software Premmerce Frequently Bought Together for WooCommerce Type Plugin Vulnerable versions = 1.0.9 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 484e6731b7c9 Credi...
WordPress Premmerce Product Search for WooCommerce Plugin <= 2.2.3 is vulnerable to Cross Site Scripting (XSS)
Software Premmerce Product Search for WooCommerce Type Plugin Vulnerable versions = 2.2.3 Fixed in 2.2.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Premmerce PSID df89cf768ffd Credits Rafie Muhamma...
WordPress Premmerce Plugin <= 1.3.17 is vulnerable to Cross Site Scripting (XSS)
Software Premmerce Type Plugin Vulnerable versions = 1.3.17 Fixed in 1.3.18 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Premmerce PSID 278ff9c96050 Credits Rafie Muhammad Patchstack Required privile...
WordPress Premmerce Permalink Manager for WooCommerce Plugin <= 2.3.8 is vulnerable to Cross Site Scripting (XSS)
Software Premmerce Permalink Manager for WooCommerce Type Plugin Vulnerable versions = 2.3.8 Fixed in 2.3.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Premmerce PSID 3d9ba08b3dfc Credits Rafie...
WordPress Premmerce Redirect Manager Plugin <= 1.0.9 is vulnerable to Cross Site Scripting (XSS)
Software Premmerce Redirect Manager Type Plugin Vulnerable versions = 1.0.9 Fixed in 1.0.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Premmerce PSID 3596ed68609e Credits Rafie Muhammad Patchstack...
WordPress Premmerce SEO for WooCommerce Plugin <= 2.1.5 is vulnerable to Cross Site Scripting (XSS)
Software Premmerce SEO for WooCommerce Type Plugin Vulnerable versions = 2.1.5 Fixed in 2.1.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Premmerce PSID 9b0ae0f180d3 Credits Rafie Muhammad Patchstac...
WordPress Premmerce WooCommerce Customers Manager Plugin <= 1.1.13 is vulnerable to Cross Site Scripting (XSS)
Software Premmerce WooCommerce Customers Manager Type Plugin Vulnerable versions = 1.1.13 Fixed in 1.1.14 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Premmerce PSID b3dee6c5c8f0 Credits Rafie Muhamm...