Webkul Unopim
7 CVEs affecting Webkul Unopim. Latest disclosed: 2025-08-22. Critical: 0, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-55745 | High | 8.8 | 2025-08-22 | UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. Versions 0.3.0 and prior are vulnerable to CSV injection… |
CVE-2025-55743 | High | 8.8 | 2025-08-21 | UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. Before 0.2.1, the image upload at the user creation featur… |
CVE-2025-55741 | High | 8.1 | 2025-08-22 | UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. In versions 0.3.0 and earlier, users without the Delete pr… |
CVE-2025-55742 | High | 8.0 | 2025-08-21 | UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. Before 0.2.1, UnoPim contains a stored cross-site scriptin… |
CVE-2024-52305 | Medium | 6.5 | 2024-11-13 | UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. A vulnerability exists in the Create User process, allowin… |
CVE-2024-50637 | Medium | 5.4 | 2024-11-06 | UnoPim 0.1.3 and below is vulnerable to Cross Site Scripting (XSS) in the Create User function. This allows attackers to perform XSS via an SVG document, which… |
CVE-2025-55744 | Medium | 4.3 | 2025-08-21 | UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. Before 0.2.1, some of the endpoints of the application is… |