VYPR

Premmerce Woocommerce Brands

by WordPress

Source repositories

CVEs (2)

  • CVE-2025-12783MedDec 12, 2025
    WordPress
    Premmerce Woocommerce Brands
    risk 0.28cvss 4.3epss 0.00

    The Premmerce Brands for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the saveBrandsSettings function in all versions up to, and including, 1.2.13. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify brand permalink settings.

  • CVE-2025-62890MedOct 27, 2025
    WordPress
    Premmerce Woocommerce Brands
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Premmerce Premmerce Brands for WooCommerce premmerce-woocommerce-brands allows Cross Site Request Forgery.This issue affects Premmerce Brands for WooCommerce: from n/a through <= 1.2.13.