Skip to main content

Product Catalog Mode For Woocommerce

2 CVEs product

Monthly

CVE-2024-25929 CRITICAL Act Now

Missing Authorization vulnerability in MultiVendorX Product Catalog Enquiry for WooCommerce by MultiVendorX.0.5. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Product Catalog Mode For Woocommerce
NVD
CVSS 3.1
9.1
EPSS
0.3%
CVE-2023-5348 MEDIUM POC This Month

The Product Catalog Mode For WooCommerce WordPress plugin before 5.0.3 does not properly authorize settings updates or escape settings values, leading to stored XSS by unauthenticated users. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Product Catalog Mode For Woocommerce
NVD WPScan
CVSS 3.1
6.1
EPSS
0.5%
EPSS 0% CVSS 9.1
CRITICAL Act Now

Missing Authorization vulnerability in MultiVendorX Product Catalog Enquiry for WooCommerce by MultiVendorX.0.5. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Product Catalog Mode For Woocommerce
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

The Product Catalog Mode For WooCommerce WordPress plugin before 5.0.3 does not properly authorize settings updates or escape settings values, leading to stored XSS by unauthenticated users. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Product Catalog Mode For Woocommerce
NVD WPScan

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy