VYPR

Frontend Manager for WooCommerce

by WordPress

Source repositories

CVEs (5)

  • CVE-2021-24835HigNov 8, 2021
    risk 0.57cvss 8.8epss 0.01

    The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible WordPress plugin before 6.5.12, when used in combination with another WCFM - WooCommerce Multivendor plugin such as WCFM - WooCommerce Multivendor Marketplace, does not escape the…

  • CVE-2024-8290HigSep 25, 2024
    risk 0.50cvss 8.8epss 0.01

    The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.7.12 via the WCFM_Customers_Manage_Controller::processing function…

  • CVE-2025-3780MedJul 9, 2025
    risk 0.42cvss 6.5epss 0.00

    The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wcfm_redirect_to_setup function in all versions up to, and…

  • CVE-2026-0845HigFeb 10, 2026
    risk 0.40cvss 7.2epss 0.00

    The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the…

  • CVE-2026-22335Jun 17, 2026
    risk 0.00cvss epss 0.00

    Subscriber SQL Injection in WooCommerce Frontend Manager – Ultimate < 6.7.7 versions.