exploitDog

CVE-2025-49916

Опубликовано: 22 окт. 2025

Источник: nvd

CVSS3: 8.6

EPSS Низкий

Описание

Missing Authorization vulnerability in MultiVendorX MultiVendorX dc-woocommerce-multi-vendor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MultiVendorX: from n/a through <= 4.2.23.

Ссылки

https://vdp.patchstack.com/database/Wordpress/Plugin/dc-woocommerce-multi-vendor/vulnerability/wordpress-multivendorx-plugin-4-2-23-broken-access-control-vulnerability?_s_id=cve

EPSS

Процентиль: 19%

0.0006

Низкий

8.6 High

CVSS3

Дефекты

CWE-862

Связанные уязвимости

GHSA-5wfr-jmxm-pmrx

CVSS3: 8.6

github

4 месяца назад

Missing Authorization vulnerability in MultiVendorX MultiVendorX dc-woocommerce-multi-vendor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MultiVendorX: from n/a through <= 4.2.23.

EPSS

Процентиль: 19%

0.0006

Низкий

8.6 High

CVSS3

Дефекты

CWE-862