Shopperlabs Shopper
5 CVEs affecting Shopperlabs Shopper. Latest disclosed: 2026-05-29. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-47744 | Critical | 9.9 | 2026-05-29 | Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, two distinct authorization defects in the team settings allowed any authenticated panel user to t… |
CVE-2026-47740 | High | 8.1 | 2026-05-29 | Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, Multiple Filament actions on the admin Order detail and Order shipments table were callable by an… |
CVE-2026-47745 | Medium | 6.5 | 2026-05-29 | Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, the admin tables for PaymentMethods, Currencies and Carriers exposed inline toggles and per-recor… |
CVE-2026-47742 | Medium | 6.5 | 2026-05-29 | Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, Sub-form Livewire components used in the product editor (Edit, Inventory, Seo, Shipping, Files) h… |
CVE-2026-47741 | Medium | 5.9 | 2026-05-29 | Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, CreateOrderFromCartAction::execute previously created the Order row before checking and increment… |