CVE-2024-24703: WordPress MultiVendorX plugin <= 4.0.25 - Broken Access Control vulnerability
First published: Tue Jun 11 2024(Updated: )
Missing Authorization vulnerability in MultiVendorX WC Marketplace.This issue affects WC Marketplace: from n/a through 4.0.25.
Credit: audit@patchstack.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| MultiVendorX WooCommerce MultiVendor Marketplace | >=n/a<=4.0.25 | |
| WordPress MultiVendorX Marketplace plugin | <=4.0.25 |
Remedy
Update to 4.0.26 or a higher version.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2024-24703?
CVE-2024-24703 is classified as a missing authorization vulnerability, which could lead to unauthorized access.
How do I fix CVE-2024-24703?
To fix CVE-2024-24703, update MultiVendorX WC Marketplace or MultiVendorX Plugin to the latest version beyond 4.0.25.
Which versions are affected by CVE-2024-24703?
CVE-2024-24703 affects MultiVendorX WC Marketplace from n/a through 4.0.25 and MultiVendorX Plugin up to 4.0.25.
What does CVE-2024-24703 expose?
CVE-2024-24703 exposes a risk of unauthorized actions by users due to inadequate authorization checks.
Is it safe to use versions prior to 4.1.1 for MultiVendorX?
Using versions prior to 4.1.1 for MultiVendorX is not safe due to the identified vulnerabilities including CVE-2024-24703.
- agent/title
- agent/references
- agent/remedy
- agent/weakness
- agent/type
- agent/first-publish-date
- agent/description
- agent/author
- agent/severity
- agent/event
- collector/nvd-api
- source/NVD
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/multivendorx
- canonical/multivendorx woocommerce multivendor marketplace
- canonical/wordpress multivendorx marketplace plugin