WCFM Membership – WooCommerce Memberships for Multivendor Marketplace

CVEs (1)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2025-15147	WCFM WCFM Membership – WooCommerce Memberships for Multivendor Marketplace	Med	0.21	4.3	0.00		Feb 10, 2026	The WCFM Membership – WooCommerce Memberships for Multivendor Marketplace plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.11.8 via the 'WCFMvm_Memberships_Payment_Controller::processing' due to missing validation…

CVE-2025-15147MedFeb 10, 2026
WCFM
WCFM Membership – WooCommerce Memberships for Multivendor Marketplace
risk 0.21cvss 4.3epss 0.00
The WCFM Membership – WooCommerce Memberships for Multivendor Marketplace plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.11.8 via the 'WCFMvm_Memberships_Payment_Controller::processing' due to missing validation…