[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fN-WyjwwzoSVbqzHfBF44YMUL6AzGVGfZCGUYnU8vjeE":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"WF-24f13f9a-b240-4e32-9f12-117dbe7ecac4-dc-woocommerce-multi-vendor","multivendor-marketplace-solution-for-woocommerce-insecure-direct-object-reference","Multivendor Marketplace Solution for WooCommerce \u003C= 3.7.3 - Insecure Direct Object Reference","The Multivendor Marketplace Solution for WooCommerce plugin for WordPress is vulnerable to users commenting as a different user in versions up to, and including, 3.7.3. This is due to improper user ID validation and and capability checking  This makes it possible for unauthenticated attackers to post unwanted arbitrary comments as other users.","dc-woocommerce-multi-vendor",null,"\u003C=3.7.3","3.7.4","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Authorization Bypass Through User-Controlled Key","2021-05-26 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F24f13f9a-b240-4e32-9f12-117dbe7ecac4?source=api-prod",972]