Wclovers Wcfm Membership – Woocommerce Memberships For Multivendor Marketplace
5 CVEs affecting Wclovers Wcfm Membership – Woocommerce Memberships For Multivendor Marketplace. Latest disclosed: 2026-02-10. Critical: 2, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-2276 | Critical | 9.8 | 2023-05-20 | The WCFM Membership – WooCommerce Memberships for Multivendor Marketplace plugin for WordPress is vulnerable to Insecure Direct Object References in versions u… |
CVE-2022-4939 | Critical | 9.8 | 2023-04-05 | THe WCFM Membership plugin for WordPress is vulnerable to privilege escalation in versions up to, and including 2.10.0, due to a missing capability check on th… |
CVE-2022-4940 | High | 7.3 | 2023-04-05 | The WCFM Membership plugin for WordPress is vulnerable to unauthorized modification and access of data in versions up to, and including, 2.10.0 due to missing… |
CVE-2022-4941 | Medium | 6.3 | 2023-04-05 | The WCFM Membership plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.9.10 due to missing nonce checks on va… |
CVE-2025-15147 | Medium | 4.3 | 2026-02-10 | The WCFM Membership – WooCommerce Memberships for Multivendor Marketplace plugin for WordPress is vulnerable to Insecure Direct Object Reference in all version… |