Browse all 13 CVE security advisories affecting MultiVendorX. AI-powered Chinese analysis, POCs, and references for each vulnerability.
MultiVendorX provides enterprise software solutions for supply chain management and logistics operations. Historically, the platform has been vulnerable to multiple remote code execution (RCE) flaws, cross-site scripting (XSS) vulnerabilities, and privilege escalation issues, accounting for its 13 recorded CVEs. Security researchers have identified authentication bypass weaknesses and insecure direct object references in its API endpoints. While no major public security incidents have been documented, the consistent pattern of vulnerabilities suggests potential risks for organizations relying on the platform. Regular patching and thorough security assessments are recommended for implementations handling sensitive supply chain data.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-50899 | WordPress Product Catalog Enquiry for WooCommerce by MultiVendorX plugin <= 5.0.2 - Broken Access Control vulnerability — Product Catalog Enquiry for WooCommerce by MultiVendorXCWE-862 | 5.4 | Medium | 2024-12-09 |
| CVE-2024-25929 | WordPress Product Catalog Mode For Woocommerce plugin <= 5.0.5 - Broken Access Control vulnerability — Product Catalog Enquiry for WooCommerce by MultiVendorXCWE-862 | 6.5 | Medium | 2024-06-09 |
This page lists every published CVE security advisory associated with MultiVendorX. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.