shopper/framework Security Advisories for v2.0.0-beta10 (5)
-
[CRITICAL] Shopper: Authorization bypass and RBAC privilege escalation in team settings
PKSA-5g52-7x8y-w2y1 CVE-2026-47744 GHSA-c3qp-2ggw-xjg7
Affected version: <2.8.0
Reported by:
GitHub -
[HIGH] Shopper: Multiple data integrity and disclosure issues in admin Livewire components
PKSA-88dm-mp91-mkr8 CVE-2026-47743 GHSA-hr9v-r8r2-hg7j
Affected version: <2.8.0
Reported by:
GitHub -
[MEDIUM] Shopper: Missing per-action authorization on PaymentMethods, Currencies and Carriers admin tables
PKSA-7v8h-262h-wzkz CVE-2026-47745 GHSA-fxqw-97cc-7g5c
Affected version: <2.8.0
Reported by:
GitHub -
[MEDIUM] Shopper: Missing authorization on Product admin Livewire sub-form components
PKSA-jg8p-p13z-fkym CVE-2026-47742 GHSA-h4mp-g9c6-xwph
Affected version: <2.8.0
Reported by:
GitHub -
[HIGH] shopper/framework: Authorization bypass in multiple Livewire admin components
PKSA-vtqh-k648-prz7 GHSA-f946-9qp6-vgch
Affected version: <2.8.0
Reported by:
GitHub