Prodigycommerce Prodigy Commerce
3 CVEs affecting Prodigycommerce Prodigy Commerce. Latest disclosed: 2026-02-19. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-0926 | Critical | 9.8 | 2026-02-19 | The Prodigy Commerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.3.0 via the 'parameters[template_name]'… |
CVE-2024-54250 | Medium | 6.5 | 2024-12-13 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in prodigycommerce Prodigy Commerce prodigy-commerce allows… |
CVE-2024-54251 | Medium | 6.5 | 2024-12-09 | Missing Authorization vulnerability in prodigycommerce Prodigy Commerce prodigy-commerce allows Exploiting Incorrectly Configured Access Control Security Level… |