CVE-2025-48263

Medium CVSS: 5.4

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MultiVendorX MultiVendorX dc-woocommerce-multi-vendor allows Stored XSS.This issue affects MultiVendorX: from n/a through <= 4.2.22.

Vendor

Multivendorx

Product

Multivendorx

CWE

CWE-79

Yayın Tarihi

2025-05-19 15:15:29

Güncelleme

2026-04-01 17:24:35

Source Identifier

audit@patchstack.com

KEV Date Added

Kategoriler

CWE-79 Multivendorx MEDIUM Multivendorx 2025

Referanslar

https://patchstack.com/database/Wordpress/Plugin/dc-woocommerce-multi-vendor/vulnerability/wordpress-multivendorx-4-2-22-cross-site-scripting-xss-vulnerability?_s_id=cve

Benzer Kayıtlar

Unknown

CVE-2025-48261

Insertion of Sensitive Information Into Sent Data vulnerability in MultiVendorX MultiVendorX dc-woocommerce-multi-vendor…

Medium

CVE-2025-4101

The MultiVendorX – WooCommerce Multivendor Marketplace Solutions plugin for WordPress is vulnerable to unauthorized loss…

Medium

CVE-2025-2789

The MultiVendorX – Empower Your WooCommerce Store with a Dynamic Multivendor Marketplace – Build the Next Amazon, eBay,…

Critical

CVE-2025-0493

The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to Limit…