17 matches found
EUVD-2026-37674
Subscriber Privilege Escalation in MultiLoca = 4.2.15 versions...
CVE-2026-39546
Subscriber Privilege Escalation in MultiLoca = 4.2.15 versions...
CVE-2026-39546 WordPress MultiLoca plugin <= 4.2.15 - Privilege Escalation vulnerability
Subscriber Privilege Escalation in MultiLoca = 4.2.15 versions...
CVE-2026-39546
This CVE concerns the WordPress plugin MultiLoca (WooCommerce Multi-Locations Inventory Management) up to version 4.2.15, with a Subscriber Privilege Escalation vulnerability. The vulnerability is described as enabling a subscriber to escalate privileges, indicating a potential elevation from a l...
WordPress MultiLoca plugin <= 4.2.15 - Privilege Escalation vulnerability
Privilege Escalation vulnerability discovered by Denver Jackson in WordPress Plugin MultiLoca versions = 4.2.15...
EUVD-2025-30956
Malicious code in bioql PyPI...
EUVD-2024-51542
Malicious code in bioql PyPI...
WordPress MultiLoca - WooCommerce Multi Locations Inventory Management plugin <= 4.2.8 - Missing Authorization to Unauthenticated Arbitrary Options Update via 'wcmlim_settings_ajax_handler' vulnerability
WordPress MultiLoca - WooCommerce Multi Locations Inventory Management plugin = 4.2.8 - Missing Authorization to Unauthenticated Arbitrary Options Update via 'wcmlimsettingsajaxhandler' vulnerability discovered by Thái An in WordPress Plugin MultiLoca versions = 4.2.8...
WordPress plugin MultiLoca - WooCommerce Multi Locations Inventory Management 安全漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host personal blog sites on PHP and MySQL based...
CVE-2024-13341
The MultiLoca - WooCommerce Multi Locations Inventory Management plugin for WordPress is vulnerable to SQL Injection via the 'data-id' parameter in all versions up to, and including, 4.1.11 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...
CVE-2024-13341
The MultiLoca - WooCommerce Multi Locations Inventory Management plugin for WordPress is vulnerable to SQL Injection via the 'data-id' parameter in all versions up to, and including, 4.1.11 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...
CVE-2024-13341
The MultiLoca - WooCommerce Multi Locations Inventory Management plugin for WordPress is vulnerable to SQL Injection via the 'data-id' parameter in all versions up to, and including, 4.1.11 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...
CVE-2024-13341 MultiLoca - WooCommerce Multi Locations Inventory Management <= 4.1.11 - Authenticated (Subscriber+) SQL Injection
The MultiLoca - WooCommerce Multi Locations Inventory Management plugin for WordPress is vulnerable to SQL Injection via the 'data-id' parameter in all versions up to, and including, 4.1.11 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...
CVE-2024-13341
CVE-2024-13341 affects the WordPress plugin “MultiLoca - WooCommerce Multi Locations Inventory Management” (WordPress/WooCommerce). The vulnerability is a SQL Injection via the data-id parameter in all versions up to and including 4.1.11, caused by insufficient escaping and unsafe handling of the...
CVE-2024-13341 MultiLoca - WooCommerce Multi Locations Inventory Management <= 4.1.11 - Authenticated (Subscriber+) SQL Injection
The MultiLoca - WooCommerce Multi Locations Inventory Management plugin for WordPress is vulnerable to SQL Injection via the 'data-id' parameter in all versions up to, and including, 4.1.11 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...
WordPress plugin MultiLoca - WooCommerce Multi Locations Inventory Management SQL注入漏洞
WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress plugin MultiLoca - WooCommerce Multi Locations Inventory Management A SQL...
WordPress MultiLoca plugin <= 4.1.11 - Authenticated (Subscriber+) SQL Injection vulnerability
Authenticated Subscriber+ SQL Injection vulnerability discovered by Aiden Thái An in WordPress Plugin MultiLoca versions = 4.1.11...