CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Missing Authorization vulnerability in MultiVendorX Product Catalog Enquiry for WooCommerce by MultiVendorX.This issue affects Product Catalog Enquiry for WooCommerce by MultiVendorX: from n/a through 5.0.5...

9.1CVSS6.9AI score0.00179EPSS

Exploits0References1

NVD•added 2024/12/09 1:15 p.m.•8 views

CVE-2023-50899

Missing Authorization vulnerability in MultiVendorX Product Catalog Enquiry for WooCommerce by MultiVendorX allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Catalog Enquiry for WooCommerce by MultiVendorX: from n/a through 5.0.2...

5.4CVSS0.00138EPSS

Exploits0References1

Positive Technologies•added 2024/12/09 12:0 a.m.•3 views

PT-2024-13999 · Multivendorx · Product Catalog Enquiry For Woocommerce

Name of the Vulnerable Software and Affected Versions: Product Catalog Enquiry for WooCommerce by MultiVendorX versions 5.0.2 and earlier Description: The issue is related to a Missing Authorization vulnerability, allowing exploitation of incorrectly configured access control security levels. Thi...

5.4CVSS6.9AI score0.00138EPSS

Exploits0References4

CNNVD•added 2024/12/09 12:0 a.m.•1 views

WordPress plugin Product Catalog Enquiry for WooCommerce by MultiVendorX 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in PHP. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPress plugin Product Catalog...

5.4CVSS6.4AI score0.00138EPSS

Exploits0References1

NVD•added 2024/06/09 11:15 a.m.•13 views

CVE-2024-25929

9.1CVSS0.00179EPSS

Exploits0References1

Vulnrichment•added 2024/06/09 10:30 a.m.•21 views

CVE-2024-25929 WordPress Product Catalog Mode For Woocommerce plugin <= 5.0.5 - Broken Access Control vulnerability

6.5CVSS7AI score0.00179EPSS

Exploits0References1

CNNVD•added 2024/06/09 12:0 a.m.•1 views

WordPress plugin Product Catalog Enquiry for WooCommerce by MultiVendorX Security Vulnerability

9.1CVSS6.6AI score0.00179EPSS

Exploits0References2

Patchstack•added 2023/12/26 12:0 a.m.•7 views

WordPress Product Catalog Enquiry for WooCommerce by MultiVendorX Plugin <= 5.0.2 is vulnerable to Broken Access Control

Software Product Catalog Enquiry for WooCommerce by MultiVendorX Type Plugin Vulnerable versions = 5.0.2 Fixed in 5.0.3 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-50899 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 1d8bd2186a...

6.5AI score0.00138EPSS

Exploits0References2Affected Software1

wpexploit•added 2023/11/21 12:0 a.m.•176 views

Product Catalog Enquiry for WooCommerce < 5.0.3 - Unauthenticated Stored XSS via Arbitrary Setting Update

Description The plugin does not properly authorize settings updates or escape settings values, leading to stored XSS by unauthenticated users. 1 Make sure the plugin is configured with the "Catalog Mode" activated. 2 Launch the following from your browser's console:...

6.1CVSS6AI score0.00636EPSS

Exploits2

CNVD•added 2019/08/29 12:0 a.m.•1 views

WordPress woocommerce-catalog-enquiry plugin code issue vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. woocommerce-catalog-enquiry is a product catalog management plugin for e-commerce. A security vulnerability exists in the WordPress...

7.5CVSS6.6AI score0.00282EPSS

Exploits0References1