Wclovers Wcfm – Frontend Manager For Woocommerce
6 CVEs affecting Wclovers Wcfm – Frontend Manager For Woocommerce. Latest disclosed: 2026-05-02. Critical: 0, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-8290 | High | 8.8 | 2024-09-25 | The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to Insecure Direct Object R… |
CVE-2026-2554 | High | 8.1 | 2026-05-02 | The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to Insecure Direct Object R… |
CVE-2026-4896 | High | 8.1 | 2026-04-04 | The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to Insecure Direct Object R… |
CVE-2026-0845 | High | 7.2 | 2026-02-09 | The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to unauthorized modificatio… |
CVE-2025-3780 | Medium | 6.5 | 2025-07-08 | The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to unauthorized modificatio… |
CVE-2022-4938 | Medium | 6.3 | 2023-04-05 | The WCFM Frontend Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.6.0 due to missing nonce checks… |