Lucene search
K

6 matches found

NVD
NVD
added 2025/12/05 8:15 a.m.5 views

CVE-2025-12130

The WC Vendors – WooCommerce Multivendor, WooCommerce Marketplace, Product Vendors plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.4. This is due to missing or incorrect nonce validation on the /vendordashboard/product/delete/ endpoint...

4.3CVSS0.00102EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/05 7:26 a.m.2 views

CVE-2025-12130 WC Vendors – WooCommerce Multivendor, WooCommerce Marketplace, Product Vendors <= 2.6.4 - Cross-Site Request Forgery to Vendor Product Deletion

The WC Vendors – WooCommerce Multivendor, WooCommerce Marketplace, Product Vendors plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.4. This is due to missing or incorrect nonce validation on the /vendordashboard/product/delete/ endpoint...

4.3CVSS4.9AI score0.00102EPSS
Exploits0References2
CVE
CVE
added 2025/12/05 7:26 a.m.11 views

CVE-2025-12130

CVE-2025-12130 concerns the WC Vendors – WooCommerce Multivendor, WooCommerce Marketplace, Product Vendors WordPress plugin. Wordfence and NVD indicate a Cross-Site Request Forgery (CSRF) vulnerability due to missing/incorrect nonce validation on the /vendor_dashboard/product/delete/ endpoint, al...

4.3CVSS4.9AI score0.00102EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/05 12:0 a.m.6 views

PT-2025-49231

The WC Vendors – WooCommerce Multivendor, WooCommerce Marketplace, Product Vendors plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.4. This is due to missing or incorrect nonce validation on the /vendor dashboard/product/delete/ endpoint...

4.3CVSS5.3AI score0.00102EPSS
Exploits0References3
OSV
OSV
added 2023/12/19 9:15 p.m.4 views

CVE-2023-48327

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WC Vendors WC Vendors – WooCommerce Multi-Vendor, WooCommerce Marketplace, Product Vendors.This issue affects WC Vendors – WooCommerce Multi-Vendor, WooCommerce Marketplace, Product Vendors: from n...

7.2CVSS7.3AI score0.00725EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/12/19 12:0 a.m.8 views

PT-2023-30787 · Unknown · Wc Vendors – Woocommerce Multi-Vendor +2

Name of the Vulnerable Software and Affected Versions: WC Vendors – WooCommerce Multi-Vendor, WooCommerce Marketplace, Product Vendors versions 2.4.7 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL...

7.6CVSS7.7AI score0.00725EPSS
Exploits0References7
Rows per page
Query Builder