Premmerce Product Search For Woocommerce

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:premmerce:premmerce_product_search_for_woocommerce:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorPremmerce (64f7c5bf-ded2-5e5c-a241-c9bafb4032e2)
ProductPremmerce Product Search For Woocommerce (8216e145-9b5b-5c5f-bb1f-c498b47e82c5)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2025-64290 vulnerable 2026-06-03 15:09:37.676231 WordPress Premmerce Product Search for WooCommerce plugin <= 2.2.4 - Cross Site Request Forgery (CSRF) vulnerability
MEDIUM (4.3)
Cross-Site Request Forgery (CSRF) vulnerability in Premmerce Premmerce Product Search for WooCommerce premmerce-search allows Cross Site Request Forgery.This issue affects Premmerce Product Search for WooCommerce: from n/a through <= 2.2.4.
Published: 2025-10-29T08:38:15.299Z
Updated: 2026-04-28T16:14:13.796Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-64289 vulnerable 2026-06-03 15:09:37.675900 WordPress Premmerce Product Search for WooCommerce plugin <= 2.2.5 - Cross Site Scripting (XSS) vulnerability
MEDIUM (5.9)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Premmerce Premmerce Product Search for WooCommerce premmerce-search allows Stored XSS.This issue affects Premmerce Product Search for WooCommerce: from n/a through <= 2.2.5.
Published: 2025-10-29T08:38:14.838Z
Updated: 2026-04-28T18:29:51.135Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-60194 vulnerable 2026-06-03 15:07:55.880537 WordPress Premmerce Product Search for WooCommerce plugin <= 2.2.4 - Local File Inclusion vulnerability
HIGH (7.5)
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Premmerce Premmerce Product Search for WooCommerce premmerce-search allows PHP Local File Inclusion.This issue affects Premmerce Product Search for WooCommerce: from n/a through <= 2.2.4.
Published: 2025-11-06T15:54:50.878Z
Updated: 2026-04-28T16:13:57.032Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-4974 vulnerable 2026-06-03 14:48:44.388176 Freemius SDK <= 2.4.2 - Missing Authorization Checks
MEDIUM (6.3)
The Freemius SDK, as used by hundreds of WordPress plugin and theme developers, was vulnerable to Cross-Site Request Forgery and Information disclosure due to missing capability checks and nonce protection on the _get_debug_log, _get_db_option, and the _set_db_option functions in versions up to, and including 2.4.2. Any WordPress plugin or theme running a version of Freemius less than 2.4.3 is vulnerable.
Published: 2024-10-16T06:43:30.014Z
Updated: 2026-04-08T16:46:54.861Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.