3 matches found
EUVD-2026-44860
The MultiVendorX – WooCommerce Multivendor Marketplace AI Powered Solutions plugin for WordPress is vulnerable to generic SQL Injection via the 'orderby' parameter in all versions up to, and including, 5.0.9 due to insufficient escaping on the user supplied parameter and lack of sufficient...
WordPress MultiVendorX Marketplace plugin <= 4.1.17 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin MultiVendorX versions = 4.1.17...
WordPress YITH WooCommerce Multi Vendor plugin <=3.4.0 - Authenticated Settings Change (YITH Plugin Framework <=3.3.8) vulnerability
Authenticated Settings Change YITH Plugin Framework =3.3.8 vulnerability found by Jerome Bruandet in WordPress YITH WooCommerce Multi Vendor plugin versions =3.4.0. Solution Update the WordPress YITH WooCommerce Multi Vendor plugin to the latest available version at least 3.4.1...