Vendor
Multiple Livewire components in the Shopper framework admin panel allowed authenticated low-privilege users to bypass authorization and mutate data without the required permissions, leading to potential privilege escalation and cross-site scripting.