Input validation vulnerability in MultiVendorX – MultiVendor Marketplace Solution For WooCommerce 3.8.11.8

The Multivendor Marketplace Solution for WooCommerce is a plugin for WordPress that had a security vulnerability in versions up to and including 3.8.11.8. This vulnerability was caused by a missing or incorrect nonce validation on the wcmp_suspend_vendor ajax action. This meant that unauthenticated attackers could potentially suspend vendors, by taking advantage of a logged in user clicking on a link that had been forged.