cleantalk
Vulnerabilities and Security Researches

WCFM Membership – WooCommerce Memberships for Multivendor Marketplace, CVE-2026-42753

CVE, Research URL

CVE-2026-42753

Home page URL

Security reports for WCFM Membership – WooCommerce Memberships for Multivendor Marketplace

Application

WCFM Membership – WooCommerce Memberships for Multivendor Marketplace

Published on
May 27, 2026
Research Description
Missing Authorization vulnerability in WC Lovers WCFM Membership wc-multivendor-membership allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WCFM Membership: from n/a through <= 2.11.10.
Affected versions
max 2.11.10.
Status
vulnerable
Previous vulnerability researches
GNA Search Shortcode (CVE-2025-46540) , Apr 26, 2025
New vulnerability
Media Library Assistant (CVE-2026-6075) , May 30, 2026
WCFM Membership &#8211; WooCommerce Memberships for Multivendor Marketplace (CVE-2026-42753) , May 29, 2026
Backup and Staging by WP Time Capsule (CVE-2026-42760) , May 29, 2026
Disable Comments for Any Post Types (Remove comments) (CVE-2026-42749) , May 29, 2026
Rank Math SEO with AI SEO Tools (CVE-2025-12714) , May 29, 2026