VYPR

Marketking Multivendor Marketplace For Woocommerce

by WordPress

Source repositories

CVEs (4)

  • CVE-2025-58702MedSep 22, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebWizards MarketKing marketking-multivendor-marketplace-for-woocommerce allows Stored XSS.This issue affects MarketKing: from n/a through <= 2.0.92.

  • CVE-2024-13519MedJan 18, 2025
    risk 0.29cvss 4.4epss 0.00

    The MarketKing — Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugin's settings in all versions up to, and including, 1.9.80 due to insufficient input sanitization and output escaping. This makes it…

  • CVE-2022-2657MedSep 5, 2022
    risk 0.28cvss 4.3epss 0.00

    The Multivendor Marketplace Solution for WooCommerce WordPress plugin before 3.8.12 is lacking authorisation and CSRF in multiple AJAX actions, which could allow any authenticated users, such as subscriber to call them and suspend vendors (reporter by the submitter) or update…

  • CVE-2024-12413MedDec 25, 2024
    risk 0.27cvss 5.3epss 0.00

    The MarketKing — Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on several functions like 'marketking_delete_team_member', 'marketkingrejectuser',…