Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

MultiVendorX — Vulnerabilities & Security Advisories 13

Browse all 13 CVE security advisories affecting MultiVendorX. AI-powered Chinese analysis, POCs, and references for each vulnerability.

MultiVendorX provides enterprise software solutions for supply chain management and logistics operations. Historically, the platform has been vulnerable to multiple remote code execution (RCE) flaws, cross-site scripting (XSS) vulnerabilities, and privilege escalation issues, accounting for its 13 recorded CVEs. Security researchers have identified authentication bypass weaknesses and insecure direct object references in its API endpoints. While no major public security incidents have been documented, the consistent pattern of vulnerabilities suggests potential risks for organizations relying on the platform. Regular patching and thorough security assessments are recommended for implementations handling sensitive supply chain data.

Top products by MultiVendorX: MultiVendorX WC Marketplace Product Catalog Enquiry for WooCommerce by MultiVendorX Product Stock Manager & Notifier for WooCommerce WooCommerce Product Stock Alert
CVE IDTitleCVSSSeverityPublished
CVE-2025-49916 WordPress MultiVendorX plugin <= 4.2.23 - Broken Access Control vulnerability — MultiVendorXCWE-862 8.6 High2025-10-22
CVE-2025-48261 WordPress MultiVendorX plugin <= 4.2.22 - Sensitive Data Exposure Vulnerability — MultiVendorXCWE-201 7.5 High2025-06-09
CVE-2025-48263 WordPress MultiVendorX plugin <= 4.2.22 - Cross Site Scripting (XSS) Vulnerability — MultiVendorXCWE-79 6.5 Medium2025-05-19
CVE-2025-24706 WordPress MultiVendorX plugin <= 4.2.13 - Cross Site Scripting (XSS) vulnerability — MultiVendorXCWE-79 6.5 Medium2025-01-24
CVE-2023-37971 WordPress WooCommerce Product Stock Alert plugin <= 2.0.1 - Broken Access Control vulnerability — WooCommerce Product Stock AlertCWE-862 6.5 Medium2024-12-13
CVE-2023-50899 WordPress Product Catalog Enquiry for WooCommerce by MultiVendorX plugin <= 5.0.2 - Broken Access Control vulnerability — Product Catalog Enquiry for WooCommerce by MultiVendorXCWE-862 5.4 Medium2024-12-09
CVE-2023-51355 WordPress MultiVendorX plugin <= 4.0.23 - Broken Access Control vulnerability — MultiVendorXCWE-862 8.2 High2024-12-09
CVE-2024-43213 WordPress MultiVendorX Marketplace plugin <= 4.1.17 - Reflected Cross Site Scripting (XSS) vulnerability — WC MarketplaceCWE-79 7.1 High2024-08-12
CVE-2024-24703 WordPress MultiVendorX plugin <= 4.0.25 - Broken Access Control vulnerability — WC MarketplaceCWE-862 8.6 High2024-06-11
CVE-2024-31304 WordPress MultiVendorX Marketplace <= 4.1.3 - Broken Access Control vulnerability — WC MarketplaceCWE-862 7.1 High2024-06-09
CVE-2024-25929 WordPress Product Catalog Mode For Woocommerce plugin <= 5.0.5 - Broken Access Control vulnerability — Product Catalog Enquiry for WooCommerce by MultiVendorXCWE-862 6.5 Medium2024-06-09
CVE-2024-30433 WordPress MultiVendorX Marketplace plugin <= 4.1.3 - Cross Site Scripting (XSS) vulnerability — WC MarketplaceCWE-79 6.5 Medium2024-03-29
CVE-2023-37972 WordPress WooCommerce Product Stock Alert Plugin <= 2.0.1 is vulnerable to Sensitive Data Exposure — Product Stock Manager & Notifier for WooCommerceCWE-200 5.3 Medium2023-11-30

This page lists every published CVE security advisory associated with MultiVendorX. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.