cleantalk
Vulnerabilities and Security Researches

WCFM Marketplace – Best Multivendor Marketplace for WooCommerce, CVE-2024-44009

CVE, Research URL

CVE-2024-44009

Home page URL

Security reports for WCFM Marketplace – Best Multivendor Marketplace for WooCommerce

Application

WCFM Marketplace – Best Multivendor Marketplace for WooCommerce

Published on
Sep 18, 2024
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WC Lovers WCFM Marketplace wc-multivendor-marketplace allows Reflected XSS.This issue affects WCFM Marketplace: from n/a through <= 3.6.11.
Affected versions
max 3.6.12.
Status
vulnerable
Previous vulnerability researches
WCFM Marketplace &#8211; Best Multivendor Marketplace for WooCommerce (CVE-2025-63029) , Jun 14, 2026
WCFM Marketplace &#8211; Best Multivendor Marketplace for WooCommerce (CVE-2024-44009) , Sep 19, 2024
WCFM Marketplace &#8211; Best Multivendor Marketplace for WooCommerce (CVE-2026-1722) , Apr 15, 2026
WCFM Marketplace &#8211; Best Multivendor Marketplace for WooCommerce (CVE-2022-4936) , Jun 07, 2024
WCFM Marketplace &#8211; Best Multivendor Marketplace for WooCommerce (CVE-2022-4935) , Jun 07, 2024
New vulnerability
FAQ Manager For Divi, Gutenberg Block &amp; Shortcode (CVE-2023-33999) , Jun 14, 2026
TablePress &#8211; Tables in WordPress made easy (CVE-2023-33999) , Jun 14, 2026
Docket Cache &#8211; Object Cache Accelerator (CVE-2026-22492) , Jun 14, 2026
Advanced Classifieds &amp; Directory Pro (CVE-2023-33999) , Jun 14, 2026
Display Eventbrite Events (CVE-2023-33999) , Jun 14, 2026