MultiVendorX Marketplace – WooCommerce MultiVendor Marketplace Solution

Information

Software Type Plugin
Software Slug dc-woocommerce-multi-vendor (view on wordpress.org)
Software Status Active
Software Author wcmp
Software Website multivendorx.com
Software Downloads 799,114
Software Active Installs 6,000
Software Record Last Updated April 20, 2024

12 Vulnerabilities

Title CVE ID CVSS Researchers Date
WC Marketplace <= 4.1.3 - Missing Authorization CVE-2024-31304 4.3 LVT-tholv2k April 5, 2024
WC Marketplace <= 4.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-30433 6.4 LVT-tholv2k March 28, 2024
MultiVendorX Marketplace <= 4.1.2 - Missing Authorization CVE-2024-24703 8.6 Le Ngoc Anh January 31, 2024
WC Marketplace <= 4.0.23 - Missing Authorization via mvx_save_dashpages CVE-2023-51355 7.5 thiennv December 26, 2023
MultiVendorX <= 4.0.25 - Improper Authorization on REST Routes via 'save_settings_permission' 8.6 September 12, 2023
Multivendor Marketplace Solution for WooCommerce – WC Marketplace <= 3.8.11.8 - Reflected Cross-Site Scripting 6.1 WPScanTeam August 15, 2022
Multivendor Marketplace Solution for WooCommerce – WC Marketplace <= 3.8.11.8 - Local File Inclusion 8.2 WPScanTeam August 15, 2022
Multivendor Marketplace Solution for WooCommerce – WC Marketplace <= 3.8.11.8 - Multiple Unprotected AJAX Actions CVE-2022-2657 7.3 WPScanTeam August 15, 2022
Multivendor Marketplace Solution for WooCommerce – WC Marketplace <= 3.8.11.8 - Cross-Site Request Forgery CVE-2022-2657 8.8 moumitahalder August 4, 2022
Multivendor Marketplace Solution for WooCommerce – WC Marketplace < 3.8.4 - Reflected Cross-Site Scripting 6.1 WPScanTeam December 6, 2021
Multivendor Marketplace Solution for WooCommerce <= 3.7.3 - Insecure Direct Object Reference 4.3 WPScanTeam May 26, 2021
MultiVendorX – MultiVendor Marketplace Solution For WooCommerce <= 3.5.7 - Cross-Site Request Forgery Bypass CVE-2020-36741 4.3 Jerome Bruandet September 16, 2020

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation