Skip to main content

Multiloca

2 CVEs product

Monthly

CVE-2026-39546 HIGH This Week

Privilege escalation in TechSpawn MultiLoca (WooCommerce Multi Locations Inventory Management) plugin versions 4.2.15 and earlier allows authenticated subscriber-level users to elevate their privileges within affected WordPress sites. The flaw, classified under CWE-266 (Incorrect Privilege Assignment), carries a CVSS 7.6 score with no public exploit identified at time of analysis. The vulnerability was disclosed via Patchstack and affects WordPress installations running the plugin for WooCommerce multi-location inventory management.

Privilege Escalation Multiloca
NVD
CVSS 3.1
7.6
EPSS
0.3%
CVE-2024-13341 MEDIUM This Month

The MultiLoca - WooCommerce Multi Locations Inventory Management plugin for WordPress is vulnerable to SQL Injection via the 'data-id' parameter in all versions up to, and including, 4.1.11 due to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress SQLi Multiloca
NVD
CVSS 3.1
6.5
EPSS
0.1%
EPSS 0% CVSS 7.6
HIGH This Week

Privilege escalation in TechSpawn MultiLoca (WooCommerce Multi Locations Inventory Management) plugin versions 4.2.15 and earlier allows authenticated subscriber-level users to elevate their privileges within affected WordPress sites. The flaw, classified under CWE-266 (Incorrect Privilege Assignment), carries a CVSS 7.6 score with no public exploit identified at time of analysis. The vulnerability was disclosed via Patchstack and affects WordPress installations running the plugin for WooCommerce multi-location inventory management.

Privilege Escalation Multiloca
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

The MultiLoca - WooCommerce Multi Locations Inventory Management plugin for WordPress is vulnerable to SQL Injection via the 'data-id' parameter in all versions up to, and including, 4.1.11 due to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress SQLi Multiloca
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy