Prodigy Commerce — Vulnerabilities & Security Advisories 3

All 3 CVE vulnerabilities found in Prodigy Commerce, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2026-0926	Prodigy Commerce <= 3.3.0 - Unauthenticated Local File Inclusion via parameters[template_name] CWE-98	9.8	Critical	2026-02-19
CVE-2024-54250	WordPress Prodigy Commerce plugin <= 3.0.8 - Cross Site Scripting (XSS) vulnerability CWE-79	6.5	Medium	2024-12-13
CVE-2024-54251	WordPress Prodigy Commerce plugin <= 3.1.2 - Broken Access Control vulnerability CWE-862	6.5	Medium	2024-12-09

All 3 known CVE vulnerabilities affecting Prodigy Commerce with full Chinese analysis, references, and POCs where available.