Log out
Get PRO

Latest

Access violation vulnerability in MultiVendorX – Empower Your WooCommerce Store with a Dynamic Multivendor Marketplace – Build the Next Amazon, eBay, Etsy 4.2.19

  • Severity: medium-risk
  • Status: Fixed
  • Publication: April 4, 2025

The MultiVendorX plugin for WordPress, which helps create a multivendor marketplace on your WooCommerce store, has a security issue that could result in data loss. This is because the plugin does not properly check for user permissions when deleting table rates, which can affect shipping costs. This vulnerability exists in all versions up to and including 4.2.19, and could potentially be exploited by attackers without proper authorization.

Detected in:

MultiVendorX – Empower Your WooCommerce Store with a Dynamic Multivendor Marketplace – Build the Next Amazon, eBay, Etsy fixed vulnerable versions:
MultiVendorX – WooCommerce Multivendor – WooCommerce Marketplace – Build Next Amazon, eBay, Etsy, Airbnb fixed vulnerable versions:
MultiVendorX – WooCommerce Multivendor Marketplace Solutions fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.