Vulnerabilities > Cedcommerce > Wholesale Market FOR Woocommerce > 1.0.7

DATE	CVE	VULNERABILITY TITLE	RISK
2023-01-02	CVE-2022-4109	Unspecified vulnerability in Cedcommerce Wholesale Market for Woocommerce 1.0.7/1.0.8 The Wholesale Market for WooCommerce WordPress plugin before 2.0.0 does not validate user input against path traversal attacks, allowing high privilege users such as admin to download arbitrary logs from the server even when they should not be able to (for example in multisite) network low complexity cedcommerce	2.7
2022-12-19	CVE-2022-4108	Unspecified vulnerability in Cedcommerce Wholesale Market for Woocommerce 1.0.7 The Wholesale Market for WooCommerce WordPress plugin before 1.0.8 does not validate user input used to generate system path, allowing high privilege users such as admin to download arbitrary file from the server even when they should not be able to (for example in multisite) network low complexity cedcommerce	4.9

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.