Lucene search
K

27 matches found

CVE
CVE
added 2026/05/28 3:27 a.m.21 views

CVE-2026-9241

The FOX – Currency Switcher Professional for WooCommerce WordPress plugin (up to version 1.4.6) is affected by an Authorization Bypass through a user-controlled key. The flaw resides in get_value() in classes/fixed/fixed_user_role.php, which trusts the attacker-controlled $_REQUEST['wooc_order_us...

4.3CVSS5.7AI score0.00213EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.7 views

WordPress plugin WholeSale Products Dynamic Pricing Management 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

4.4CVSS5.7AI score0.00157EPSS
Exploits0References2
NVD
NVD
added 2025/11/18 9:15 a.m.12 views

CVE-2025-12411

The Premmerce Wholesale Pricing for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'ID' parameter in versions up to, and including, 1.1.10. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. Th...

7.1CVSS0.00235EPSS
Exploits0References4
EUVD
EUVD
added 2025/11/18 8:27 a.m.5 views

EUVD-2025-197950

The Premmerce Wholesale Pricing for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'ID' parameter in versions up to, and including, 1.1.10. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. Th...

7.1CVSS6.2AI score0.00235EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/11/18 8:27 a.m.5 views

CVE-2025-12411 Premmerce Wholesale Pricing for WooCommerce <= 1.1.10 - Authenticated (Subscriber+) SQL Injection

The Premmerce Wholesale Pricing for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'ID' parameter in versions up to, and including, 1.1.10. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. Th...

7.1CVSS6.3AI score0.00235EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/11/18 12:0 a.m.5 views

WordPress plugin Premmerce Wholesale Pricing for WooCommerce SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host personal blog sites on PHP and MySQL based...

7.1CVSS7.6AI score0.00235EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/11/17 10:46 p.m.11 views

WordPress Premmerce Wholesale Pricing for WooCommerce plugin <= 1.1.10 - Authenticated (Subscriber+) SQL Injection vulnerability

Authenticated Subscriber+ SQL Injection vulnerability discovered by Powpy in WordPress Plugin Premmerce Wholesale Pricing for WooCommerce versions = 1.1.10...

7.1CVSS8.1AI score0.00235EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/11/07 5:33 p.m.6 views

CVE-2025-60192

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Premmerce Premmerce Wholesale Pricing for WooCommerce premmerce-woocommerce-wholesale-pricing allows PHP Local File Inclusion.This issue affects Premmerce Wholesale Pricing for...

7.5CVSS7.1AI score0.0042EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/06 6:32 p.m.4 views

EUVD-2025-38123

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Premmerce Premmerce Wholesale Pricing for WooCommerce premmerce-woocommerce-wholesale-pricing allows PHP Local File Inclusion.This issue affects Premmerce Wholesale Pricing for...

7.5CVSS6.6AI score0.0042EPSS
Exploits0References2
NVD
NVD
added 2025/11/06 4:16 p.m.4 views

CVE-2025-60192

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Premmerce Premmerce Wholesale Pricing for WooCommerce premmerce-woocommerce-wholesale-pricing allows PHP Local File Inclusion.This issue affects Premmerce Wholesale Pricing for...

7.5CVSS0.0042EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/06 3:54 p.m.2 views

CVE-2025-60192 WordPress Premmerce Wholesale Pricing for WooCommerce plugin <= 1.1.10 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Premmerce Premmerce Wholesale Pricing for WooCommerce premmerce-woocommerce-wholesale-pricing allows PHP Local File Inclusion.This issue affects Premmerce Wholesale Pricing for...

7.5CVSS6.7AI score0.0042EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/06 3:54 p.m.11 views

CVE-2025-60192 WordPress Premmerce Wholesale Pricing for WooCommerce plugin <= 1.1.10 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Premmerce Premmerce Wholesale Pricing for WooCommerce premmerce-woocommerce-wholesale-pricing allows PHP Local File Inclusion.This issue affects Premmerce Wholesale Pricing for...

7.5CVSS0.0042EPSS
Exploits0References1
CVE
CVE
added 2025/11/06 3:54 p.m.14 views

CVE-2025-60192

CVE-2025-60192 concerns the WordPress plugin Premmerce Wholesale Pricing for WooCommerce (versions up to and including 1.1.10). The issue is an improper control of the filename used in PHP include/require statements, enabling PHP Local File Inclusion . All connected sources corroborate a Local Fi...

7.5CVSS6.7AI score0.0042EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/06 12:0 a.m.7 views

PT-2025-45265

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Premmerce Premmerce Wholesale Pricing for WooCommerce premmerce-woocommerce-wholesale-pricing allows PHP Local File Inclusion.This issue affects Premmerce Wholesale Pricing for...

7.5CVSS7.1AI score0.0042EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/06 12:0 a.m.5 views

WordPress plugin Premmerce Wholesale Pricing for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

7.5CVSS6.7AI score0.0042EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/30 9:16 a.m.5 views

CVE-2025-64285

Missing Authorization vulnerability in Premmerce Premmerce Wholesale Pricing for WooCommerce premmerce-woocommerce-wholesale-pricing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Premmerce Wholesale Pricing for WooCommerce: from n/a through = 1.1.10...

5.4CVSS6.9AI score0.00197EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/29 9:30 a.m.6 views

EUVD-2025-36609

Missing Authorization vulnerability in Premmerce Premmerce Wholesale Pricing for WooCommerce premmerce-woocommerce-wholesale-pricing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Premmerce Wholesale Pricing for WooCommerce: from n/a through = 1.1.10...

5.4CVSS6.5AI score0.00197EPSS
Exploits0References2
NVD
NVD
added 2025/10/29 9:15 a.m.5 views

CVE-2025-64285

Missing Authorization vulnerability in Premmerce Premmerce Wholesale Pricing for WooCommerce premmerce-woocommerce-wholesale-pricing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Premmerce Wholesale Pricing for WooCommerce: from n/a through = 1.1.10...

5.4CVSS0.00197EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/29 8:38 a.m.15 views

CVE-2025-64285 WordPress Premmerce Wholesale Pricing for WooCommerce plugin <= 1.1.10 - Broken Access Control vulnerability

Missing Authorization vulnerability in Premmerce Premmerce Wholesale Pricing for WooCommerce premmerce-woocommerce-wholesale-pricing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Premmerce Wholesale Pricing for WooCommerce: from n/a through = 1.1.10...

5.4CVSS0.00197EPSS
Exploits0References1
CVE
CVE
added 2025/10/29 8:38 a.m.30 views

CVE-2025-64285

CVE-2025-64285 affects the WordPress plugin Premmerce Wholesale Pricing for WooCommerce (versions through 1.1.10). Root cause: missing authorization due to incorrectly configured access control security levels, enabling potential unauthorized access. Impact: broken access control could allow priv...

5.4CVSS6.6AI score0.00197EPSS
Exploits0References1
Rows per page
Query Builder