Packagist/shopper/framework — 5 CVEs

CRITICAL9.9CVE-2026-47744Shopper: Authorization bypass and RBAC privilege escalation in team settings

from 0, < 2.8.0

HIGH8.7CVE-2026-47743Shopper: Multiple data integrity and disclosure issues in admin Livewire components

from 0, < 2.8.0

HIGH8.1CVE-2026-47740shopper/framework: Authorization bypass in multiple Livewire admin components

from 0, < 2.8.0

MEDIUM6.5Shopper: Missing per-action authorization on PaymentMethods, Currencies and Carriers admin tables

from 0, < 2.8.0

MEDIUM6.5Shopper: Missing authorization on Product admin Livewire sub-form components

from 0, < 2.8.0

pkg:Packagist/shopper/framework