Wclovers Wcfm_marketplace

4 CVEs affecting Wclovers Wcfm_marketplace. Latest disclosed: 2024-09-17. Critical: 0, High: 2.

Top CVEs affecting Wclovers Wcfm_marketplace
CVESeverityScorePublishedSummary
CVE-2022-4935High8.82023-04-05The WCFM Marketplace plugin for WordPress is vulnerable to unauthorized modification and access of data in versions up to, and including, 3.4.11 due to missing…
CVE-2024-44009High7.12024-09-17Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WC Lovers WCFM Marketplace wc-multivendor-marketplace all…
CVE-2023-4960Medium6.42024-01-11The WCFM Marketplace plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'wcfm_stores' shortcode in versions up to, and including, 3.6.2 due…
CVE-2022-4936Medium6.32023-04-05The WCFM Marketplace plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.4.11 due to missing nonce checks on v…