Wordpress Wcfm Marketplace Vulnerabilities

SQL Injection Vulnerability in WCFM Marketplace by WC Lovers

CVE-2025-63029

WordPressWcfm Marketplace7.6HIGH

Insecure Direct Object Reference in WCFM Marketplace Plugin for WordPress

CVE-2026-1722

WordPressWcfm Marketplace – Mul...5.3MEDIUM

Insecure Direct Object Reference in WCFM Membership Plugin for WooCommerce by WordPress

CVE-2025-15147

WordPressWcfm Membership – WooC...4.3MEDIUM

Missing Authorization Vulnerability in WCFM Marketplace by WC Lovers

CVE-2025-64631

WordPressWcfm Marketplace5MEDIUM

SQL Injection in WooCommerce Multivendor Marketplace REST API Plugin for WordPress

CVE-2025-1311

WordPressWcfm – Multivendor Mar...6.5MEDIUM

Freemius SDK Vulnerabilities Affect Hundreds of WordPress Plugins and Themes

CVE-2022-4974

WordPressYasr – Yet Another Sta...6.3MEDIUM

Reflected XSS Vulnerability in WCFM Marketplace

CVE-2024-44009

WordPressWcfm Marketplace6.1MEDIUM

Stored Cross-Site Scripting in WCFM Marketplace Plugin for WordPress

CVE-2023-4960

WordPressWcfm Marketplace – Mul...6.4MEDIUM

Unauthorized Data Access in WooCommerce Multivendor Marketplace by WCFM

CVE-2023-2275

WordPressWcfm – Multivendor Mar...4.3MEDIUM

Insecure Direct Object References in WCFM Membership Plugin for WooCommerce

CVE-2023-2276

WordPressWcfm Membership – WooC...9.8CRITICAL

Cross-Site Request Forgery in WCFM Membership Plugin for WordPress

CVE-2022-4941

WordPressWcfm Membership – WooC...6.3MEDIUM

Unauthorized Data Modification in WCFM Membership Plugin for WordPress

CVE-2022-4940

WordPressWcfm Membership – WooC...EPSS 14%7.3HIGH

Privilege Escalation Vulnerability in WCFM Membership Plugin for WordPress

CVE-2022-4939

WordPressWcfm Membership – WooC...👾🟡EPSS 20%9.8CRITICAL

Cross-Site Request Forgery Vulnerability in WCFM Marketplace Plugin for WordPress

CVE-2022-4936

WordPressWcfm Marketplace – Mul...6.3MEDIUM

Unauthorized Data Access in WCFM Marketplace Plugin for WordPress

CVE-2022-4935

WordPressWcfm Marketplace – Mul...8.8HIGH

WCFM - WooCommerce Multivendor Marketplace < 3.4.12 - Unauthenticated SQL Injection

CVE-2021-24849

WordpressWcfm Marketplace – Bes...EPSS 74%9.8CRITICAL

WordPress Wcfm Marketplace Vulnerabilities

Vulnerability Published:

Sort By:

15 April 2026

SQL Injection Vulnerability in WCFM Marketplace by WC Lovers

10 February 2026

Insecure Direct Object Reference in WCFM Marketplace Plugin for WordPress

9 February 2026

Insecure Direct Object Reference in WCFM Membership Plugin for WooCommerce by WordPress

16 December 2025

Missing Authorization Vulnerability in WCFM Marketplace by WC Lovers

22 March 2025

SQL Injection in WooCommerce Multivendor Marketplace REST API Plugin for WordPress

16 October 2024

Freemius SDK Vulnerabilities Affect Hundreds of WordPress Plugins and Themes

17 September 2024

Reflected XSS Vulnerability in WCFM Marketplace

11 January 2024

Stored Cross-Site Scripting in WCFM Marketplace Plugin for WordPress

9 June 2023

Unauthorized Data Access in WooCommerce Multivendor Marketplace by WCFM

20 May 2023

Insecure Direct Object References in WCFM Membership Plugin for WooCommerce

5 April 2023

Cross-Site Request Forgery in WCFM Membership Plugin for WordPress

Unauthorized Data Modification in WCFM Membership Plugin for WordPress

Privilege Escalation Vulnerability in WCFM Membership Plugin for WordPress

Cross-Site Request Forgery Vulnerability in WCFM Marketplace Plugin for WordPress

Unauthorized Data Access in WCFM Marketplace Plugin for WordPress

21 December 2021

WCFM - WooCommerce Multivendor Marketplace < 3.4.12 - Unauthenticated SQL Injection