cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches forpremmerce premmerce

Direction: descending
Nov 11, 2025

Premmerce # CVE-2025-60241

CVE, Research URL

CVE-2025-60241

Home page URL

Security reports for Premmerce

Application

Premmerce

Date
Nov 06, 2025
Research Description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Premmerce Premmerce premmerce allows PHP Local File Inclusion.This issue affects Premmerce: from n/a through <= 1.3.19.
Affected versions
max 1.3.19.
Status
vulnerable

Premmerce # CVE-2025-64288

CVE, Research URL

CVE-2025-64288

Home page URL

Security reports for Premmerce

Application

Premmerce

Date
Oct 29, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in Premmerce Premmerce premmerce allows Cross Site Request Forgery.This issue affects Premmerce: from n/a through <= 1.3.19.
Affected versions
max 1.3.19.
Status
vulnerable
Nov 15, 2024

Premmerce # CVE-2022-4974

CVE, Research URL

CVE-2022-4974

Home page URL

Security reports for Premmerce

Application

Premmerce

Date
Oct 16, 2024
Research Description
The Freemius SDK, as used by hundreds of WordPress plugin and theme developers, was vulnerable to Cross-Site Request Forgery and Information disclosure due to missing capability checks and nonce protection on the _get_debug_log, _get_db_option, and the _set_db_option functions in versions up to, and including 2.4.2. Any WordPress plugin or theme running a version of Freemius less than 2.4.3 is vulnerable.
Affected versions
max 1.3.16.
Status
vulnerable
Jun 07, 2024

Premmerce # 43b0a36217dccffff8d22c1a74596ca4f5d07962

CVE, Research URL

43b0a36217dccffff8d22c1a74596ca4f5d07962

Home page URL

Security reports for Premmerce

Application

Premmerce

Date
Feb 28, 2022
Research Description
Premmerce [premmerce] < 1.3.16 WordPress Premmerce plugin <= 1.3.15 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability discovered in WordPress Premmerce plugin (versions <= 1.3.15).
Affected versions
max 1.3.16.
Status
vulnerable

Premmerce # CVE-2023-23719

CVE, Research URL

CVE-2023-23719

Home page URL

Security reports for Premmerce

Application

Premmerce

Date
Jul 17, 2023
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in Premmerce plugin <= 1.3.17 versions.
Affected versions
max 1.3.17.
Status
vulnerable