29 matches found
CVE-2025-49916 WordPress MultiVendorX plugin <= 4.2.23 - Broken Access Control vulnerability
Missing Authorization vulnerability in MultiVendorX MultiVendorX dc-woocommerce-multi-vendor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MultiVendorX: from n/a through = 4.2.23...
EUVD-2025-1716
Malicious code in bioql PyPI...
EUVD-2024-46497
Malicious code in bioql PyPI...
EUVD-2024-49990
Malicious code in bioql PyPI...
EUVD-2025-9911
Malicious code in bioql PyPI...
CVE-2024-9531
The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'mvxsentdeactivationrequest' function in all versions up to, and including, 4.2.4. This makes it possible f...
CVE-2020-36741
The MultiVendorX plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.5.7. This is due to missing or incorrect nonce validation on the submitcomment function. This makes it possible for unauthenticated attackers to submit comments via a forged reque...
CVE-2025-4101
The MultiVendorX – WooCommerce Multivendor Marketplace Solutions plugin for WordPress is vulnerable to unauthorized loss of data due to a misconfigured capability check on the 'deletefpmproduct' function in all versions up to, and including, 4.2.22. This makes it possible for authenticated...
CVE-2025-4101
The MultiVendorX – WooCommerce Multivendor Marketplace Solutions plugin for WordPress is vulnerable to unauthorized loss of data due to a misconfigured capability check on the 'deletefpmproduct' function in all versions up to, and including, 4.2.22. This makes it possible for authenticated...
CVE-2025-4101 MultiVendorX – WooCommerce Multivendor Marketplace Solutions <= 4.2.22 - Incorrect Authorization to Authenticated (Contributor+) Arbitrary Post Deletion
The MultiVendorX – WooCommerce Multivendor Marketplace Solutions plugin for WordPress is vulnerable to unauthorized loss of data due to a misconfigured capability check on the 'deletefpmproduct' function in all versions up to, and including, 4.2.22. This makes it possible for authenticated...
CVE-2025-4101 MultiVendorX – WooCommerce Multivendor Marketplace Solutions <= 4.2.22 - Incorrect Authorization to Authenticated (Contributor+) Arbitrary Post Deletion
The MultiVendorX – WooCommerce Multivendor Marketplace Solutions plugin for WordPress is vulnerable to unauthorized loss of data due to a misconfigured capability check on the 'deletefpmproduct' function in all versions up to, and including, 4.2.22. This makes it possible for authenticated...
WordPress plugin MultiVendorX – WooCommerce Multivendor Marketplace Solutions 安全漏洞
WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability in WordPress plugin MultiVendorX -...
PT-2025-21791 · WordPress · Multivendorx
Name of the Vulnerable Software and Affected Versions: MultiVendorX – WooCommerce Multivendor Marketplace Solutions plugin for WordPress versions prior to 4.2.22 Description: The issue allows authenticated attackers with Contributor-level access and above to delete arbitrary posts, pages,...
CVE-2025-2789
CVE-2025-2789 affects MultiVendorX – WooCommerce Multivendor Marketplace Solutions,
CVE-2025-0493
The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to Limited Local File Inclusion in all versions up to, and including, 4.2.14 via the tabname parameter. This makes it possible for unauthenticated attackers to include PHP files on the...
CVE-2024-8289
The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to privilege escalation/de-escalation and account takeover due to an insufficient capability check on the updateitempermissionscheck and createitempermissionscheck functions in all...
WordPress MultiVendorX plugin <= 4.2.14 - Unauthenticated Limited Local File Inclusion vulnerability
Unauthenticated Limited Local File Inclusion vulnerability discovered by mikemyers in WordPress Plugin MultiVendorX versions = 4.2.14...
CVE-2025-0493
The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to Limited Local File Inclusion in all versions up to, and including, 4.2.14 via the tabname parameter. This makes it possible for unauthenticated attackers to include PHP files on the...
CVE-2025-0493 MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution <= 4.2.14 - Unauthenticated Limited Local File Inclusion
The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to Limited Local File Inclusion in all versions up to, and including, 4.2.14 via the tabname parameter. This makes it possible for unauthenticated attackers to include PHP files on the...
CVE-2025-0493 MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution <= 4.2.14 - Unauthenticated Limited Local File Inclusion
The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to Limited Local File Inclusion in all versions up to, and including, 4.2.14 via the tabname parameter. This makes it possible for unauthenticated attackers to include PHP files on the...