All 4 CVE vulnerabilities found in Premmerce, with AI-generated Chinese analysis, references, and POCs.
Vendor: Premmerce
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-0555 | Premmerce <= 1.3.20 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'premmerce_wizard_actions' AJAX Endpoint CWE-79 | 6.4 | Medium | 2026-02-07 |
| CVE-2025-60241 | WordPress Premmerce plugin <= 1.3.19 - Local File Inclusion vulnerability CWE-98 | 7.5 | High | 2025-11-06 |
| CVE-2025-64288 | WordPress Premmerce plugin <= 1.3.19 - Cross Site Request Forgery (CSRF) vulnerability CWE-352 | 4.3 | Medium | 2025-10-29 |
| CVE-2023-23719 | WordPress Premmerce Plugin <= 1.3.17 is vulnerable to Cross Site Request Forgery (CSRF) CWE-352 | 5.4 | Medium | 2023-07-17 |
All 4 known CVE vulnerabilities affecting Premmerce with full Chinese analysis, references, and POCs where available.