Wclovers Wcfm Marketplace – Multivendor Marketplace For Woocommerce

4 CVEs affecting Wclovers Wcfm Marketplace – Multivendor Marketplace For Woocommerce. Latest disclosed: 2026-02-10. Critical: 0, High: 1.

Top CVEs affecting Wclovers Wcfm Marketplace – Multivendor Marketplace For Woocommerce
CVESeverityScorePublishedSummary
CVE-2022-4935High8.82023-04-05The WCFM Marketplace plugin for WordPress is vulnerable to unauthorized modification and access of data in versions up to, and including, 3.4.11 due to missing…
CVE-2023-4960Medium6.42024-01-11The WCFM Marketplace plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'wcfm_stores' shortcode in versions up to, and including, 3.6.2 due…
CVE-2022-4936Medium6.32023-04-05The WCFM Marketplace plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.4.11 due to missing nonce checks on v…
CVE-2026-1722Medium5.32026-02-10The WCFM Marketplace – Multivendor Marketplace for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, an…