Vulnerabilities > Wpmarketplace Project

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-06	CVE-2014-9014	Path Traversal vulnerability in Wpmarketplace Project Wpmarketplace 2.4.0 Directory traversal vulnerability in the ajaxinit function in wpmarketplace/libs/cart.php in the WP Marketplace plugin before 2.4.1 for WordPress allows remote authenticated users to download arbitrary files via a .. network low complexity wpmarketplace-project CWE-22	4.0
2019-11-06	CVE-2014-9013	Improper Input Validation vulnerability in Wpmarketplace Project Wpmarketplace 2.4.0 The ajaxinit function in wpmarketplace/libs/cart.php in the WP Marketplace plugin 2.4.0 for WordPress allows remote authenticated users to create arbitrary users and gain admin privileges via a request to wpmp_pp_ajax_call with an execution target of wp_insert_user. network low complexity wpmarketplace-project CWE-20	6.5

Vulnerabilities > Wpmarketplace Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Wpmarketplace Project"}]}