cleantalk
Vulnerabilities and Security Researches

WCFM Marketplace – Best Multivendor Marketplace for WooCommerce, CVE-2025-64631

CVE, Research URL

CVE-2025-64631

Home page URL

Security reports for WCFM Marketplace – Best Multivendor Marketplace for WooCommerce

Application

WCFM Marketplace – Best Multivendor Marketplace for WooCommerce

Published on
Dec 16, 2025
Research Description
Missing Authorization vulnerability in WC Lovers WCFM Marketplace wc-multivendor-marketplace allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WCFM Marketplace: from n/a through <= 3.6.15.
Affected versions
max 3.6.15.
Status
vulnerable
Previous vulnerability researches
WCFM Marketplace &#8211; Best Multivendor Marketplace for WooCommerce (CVE-2024-44009) , Sep 19, 2024
WCFM Marketplace &#8211; Best Multivendor Marketplace for WooCommerce (CVE-2026-1722) , Apr 15, 2026
WCFM Marketplace &#8211; Best Multivendor Marketplace for WooCommerce (CVE-2022-4936) , Jun 07, 2024
WCFM Marketplace &#8211; Best Multivendor Marketplace for WooCommerce (CVE-2022-4935) , Jun 07, 2024
WCFM Marketplace &#8211; Best Multivendor Marketplace for WooCommerce (CVE-2021-24849) , Jun 07, 2024
New vulnerability
Popup Box &#8211; new WordPress popup plugin (CVE-2025-12122) , Apr 19, 2026
KiviCare &#8211; Clinic &amp; Patient Management System (EHR) (CVE-2026-0927) , Apr 19, 2026
Terms Dictionary (CVE-2025-39534) , Apr 19, 2026
Quiz Maker (CVE-2025-58015) , Apr 19, 2026
Canto (CVE-2026-6441) , Apr 19, 2026