VYPR

WooCommerce Multivendor Marketplace – REST API

by WordPress

CVEs (2)

  • CVE-2025-1311MedMar 22, 2025
    risk 0.35cvss 6.5epss 0.00

    The WooCommerce Multivendor Marketplace – REST API plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in the update_delivery_status() function in all versions up to, and including, 1.6.2 due to insufficient escaping on the user supplied parameter and…

  • CVE-2023-2275MedJun 9, 2023
    risk 0.28cvss 4.3epss 0.00

    The WooCommerce Multivendor Marketplace – REST API plugin for WordPress is vulnerable to unauthorized access of data and addition of data due to a missing capability check on the 'get_item', 'get_order_notes' and 'add_order_note' functions in versions up to, and including,…