VYPR

Perfect Woocommerce Brands

by WordPress

Source repositories

CVEs (4)

  • CVE-2025-58686HigSep 22, 2025
    risk 0.55cvss 8.5epss 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in quadlayers Perfect Brands for WooCommerce perfect-woocommerce-brands allows SQL Injection.This issue affects Perfect Brands for WooCommerce: from n/a through <= 3.6.2.

  • CVE-2025-10144MedNov 24, 2025
    risk 0.42cvss 6.5epss 0.00

    The Perfect Brands for WooCommerce plugin for WordPress is vulnerable to time-based SQL Injection via the `brands` attribute of the `products` shortcode in all versions up to, and including, 3.6.2 due to insufficient escaping on the user supplied parameter and lack of sufficient…

  • CVE-2022-23982MedFeb 18, 2022
    risk 0.28cvss 4.3epss 0.01

    The vulnerability discovered in WordPress Perfect Brands for WooCommerce plugin (versions <= 2.0.4) allows server information exposure.

  • CVE-2022-23981MedFeb 18, 2022
    risk 0.28cvss 4.3epss 0.01

    The vulnerability allows Subscriber+ level users to create brands in WordPress Perfect Brands for WooCommerce plugin (versions <= 2.0.4).