VYPR

Wc Multivendor Marketplace

by WordPress

Source repositories

CVEs (2)

  • CVE-2025-63029HigApr 15, 2026
    risk 0.49cvss 7.6epss 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WC Lovers WCFM Marketplace wc-multivendor-marketplace allows SQL Injection.This issue affects WCFM Marketplace: from n/a through <= 3.7.1.

  • CVE-2024-5259MedJun 6, 2024
    risk 0.35cvss 6.4epss 0.00

    The MultiVendorX Marketplace – WooCommerce MultiVendor Marketplace Solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘hover_animation’ parameter in all versions up to, and including, 4.1.11 due to insufficient input sanitization and output…