CVE-2023-50899

MEDIUM

MultiVendorX Product Catalog Enquiry - Info Disclosure

Title source: llm
STIX 2.1

Description

Missing Authorization vulnerability in MultiVendorX Product Catalog Enquiry for WooCommerce by MultiVendorX allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Catalog Enquiry for WooCommerce by MultiVendorX: from n/a through 5.0.2.

Scores

CVSS v3 5.4
EPSS 0.0048
EPSS Percentile 37.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-862
Status published
Products (1)
MultiVendorX/Product Catalog Enquiry for WooCommerce by MultiVendorX < 5.0.2
Published Dec 09, 2024
Tracked Since Feb 18, 2026