Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wclovers frontend manager for woocommerce along with bookings subscription listings compatible vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2021-24835
The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible WordPress plugin prior to 6.5.12, when used in combination with another WCFM - WooCommerce Multivendor plugin such as WCFM - WooCommerce Multivendor Marketplace, does not escape...
Wclovers Frontend Manager For Woocommerce Along With Bookings Subscription Listings Compatible
9.8
CVSSv3
CVE-2021-24849
The wcfm_ajax_controller AJAX action of the WCFM Marketplace WordPress plugin prior to 3.4.12, available to unauthenticated and authenticated user, does not properly sanitise multiple parameters before using them in SQL statements, leading to SQL injections
Wclovers Frontend Manager For Woocommerce Along With Bookings Subscription Listings Compatible
8.8
CVSSv3
CVE-2022-4937
The WCFM Frontend Manager plugin for WordPress is vulnerable to unauthorized modification and access of data in versions up to, and including, 6.6.0 due to missing capability checks on various AJAX actions. This makes it possible for authenticated attackers, with minimal permissi...
Wclovers Frontend Manager For Woocommerce Along With Bookings Subscription Listings Compatible
8.8
CVSSv3
CVE-2022-4938
The WCFM Frontend Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.6.0 due to missing nonce checks on various AJAX actions. This makes it possible for unauthenticated malicious users to perform a wide variety of actions ...
Wclovers Frontend Manager For Woocommerce Along With Bookings Subscription Listings Compatible
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started