CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

48 matches found

Prodigy Commerce <= 3.3.0 - Local File Inclusion

Prodigy Commerce WordPress plugin = 3.2.9 contains a local file inclusion caused by improper sanitization of 'parameterstemplatename' parameter, letting unauthenticated attackers include and execute arbitrary files remotely. id: CVE-2026-0926 info: name: Prodigy Commerce = 3.3.0 - Local File...

9.8CVSS6AI score0.29091EPSS

Exploits4References2

Exploit DB•added 6 days ago•29 views

Prodigy Commerce 3.3.0 - Local File Inclusion

Exploit Title: Prodigy Commerce 3.3.0 - Local File Inclusion Date: 23-05-2026 Exploit Author: Diamorphine Vendor Homepage: https://prodigycommerce.com/ Software Link: https://wordpress.org/plugins/prodigy-commerce/ Version: 3.2.9 Tested on: Debian CVE : CVE-2026-0926 Description: Prodigy Commerce...

9.8CVSS5.8AI score0.29091EPSS

Exploits4

Packet Storm•added 6 days ago•25 views

📄 WordPress Prodigy Commerce 3.2.9 Local File Inclusion

WordPress Prodigy Commerce plugin versions 3.2.9 and below suffer from a local file inclusion vulnerability. Exploit Title: Prodigy Commerce 3.3.0 - Local File Inclusion Date: 23-05-2026 Exploit Author: Diamorphine Vendor Homepage: https://prodigycommerce.com/ Software Link:...

9.8CVSS5.8AI score0.29091EPSS

Exploits4

RedhatCVE•added 2026/02/20 7:22 a.m.•2 views

CVE-2026-0926

The Prodigy Commerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.3.0 via the 'parameterstemplatename' parameter. This makes it possible for unauthenticated attackers to include and read arbitrary files or execute arbitrary files on the server...

9.8CVSS6.5AI score0.29091EPSS

Exploits4References1

Patchstack•added 2026/02/19 10:24 a.m.•7 views

WordPress Prodigy Commerce plugin <= 3.2.9 - Unauthenticated Local File Inclusion via parameters[template_name] vulnerability

Unauthenticated Local File Inclusion via parameterstemplatename vulnerability discovered by WordFence in WordPress Plugin Prodigy Commerce versions = 3.2.9...

9.8CVSS5.5AI score0.29091EPSS

Exploits4References1Affected Software1

NVD•added 2026/02/19 7:17 a.m.•4 views

CVE-2026-0926

9.8CVSS0.29091EPSS

Exploits4References6

CVE•added 2026/02/19 4:36 a.m.•10 views

CVE-2026-0926

Prodigy Commerce WordPress plugin

9.8CVSS6.5AI score0.29091EPSS

Exploits4References6

Vulnrichment•added 2026/02/19 4:36 a.m.•2 views

CVE-2026-0926 Prodigy Commerce <= 3.3.0 - Unauthenticated Local File Inclusion via parameters[template_name]

9.8CVSS6.4AI score0.29091EPSS

Exploits4References6

Cvelist•added 2026/02/19 4:36 a.m.•282 views

CVE-2026-0926 Prodigy Commerce <= 3.3.0 - Unauthenticated Local File Inclusion via parameters[template_name]

9.8CVSS0.29091EPSS

Exploits4References6

Positive Technologies•added 2026/02/19 12:0 a.m.•3 views

PT-2026-20630

Name of the Vulnerable Software and Affected Versions Prodigy Commerce versions prior to 3.2.9 Description The Prodigy Commerce plugin for WordPress is susceptible to a Local File Inclusion issue. This allows unauthenticated attackers to include and read arbitrary files or execute arbitrary files...

9.8CVSS6.2AI score0.29091EPSS

Exploits4References13

CNNVD•added 2026/02/19 12:0 a.m.•7 views

WordPress plugin Prodigy Commerce 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

9.8CVSS6.1AI score0.29091EPSS

Exploits4References5

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-21955

Malware in sbrugna...

7.8CVSS7.6AI score0.00195EPSS

Exploits4References4

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-52376

Malicious code in bioql PyPI...

6.5CVSS8.7AI score0.00295EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-52377

Malicious code in bioql PyPI...

6.5CVSS8.7AI score0.00249EPSS

Exploits0References1

OSV•added 2025/08/14 6:52 p.m.•2 views

MAL-2025-29707 Malicious code in prodigy-salesforce-module (npm)

The package prodigy-salesforce-module was found to contain malicious code...

7.2AI score

Exploits0

OSSF Malicious Packages•added 2025/08/14 6:52 p.m.•2 views

Malicious code in prodigy-salesforce-module (npm)

The package prodigy-salesforce-module was found to contain malicious code...

7AI score

Exploits0

RedhatCVE•added 2025/05/23 8:10 a.m.•2 views

CVE-2024-54250

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in prodigycommerce Prodigy Commerce prodigy-commerce allows DOM-Based XSS.This issue affects Prodigy Commerce: from n/a through = 3.0.8...

6.5CVSS7.2AI score0.00295EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 6:50 a.m.•1 views

CVE-2024-54251

Missing Authorization vulnerability in prodigycommerce Prodigy Commerce prodigy-commerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Prodigy Commerce: from n/a through = 3.1.2...

6.5CVSS7.2AI score0.00249EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 7:53 p.m.•4 views

CVE-2021-35312

A vulnerability was found in CIR 2000 / Gestionale Amica Prodigy v1.7. The Amica Prodigy's executable "RemoteBackup.Service.exe" has incorrect permissions, allowing a local unprivileged user to replace it with a malicious file that will be executed with "LocalSystem" privileges...

7.8CVSS6.5AI score0.00195EPSS

Exploits4References1

NVD•added 2024/12/13 3:15 p.m.•4 views

CVE-2024-54250

6.5CVSS0.00295EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by