CVE-2025-24706

Name of the Vulnerable Software and Affected Versions MultiVendorX WC Marketplace versions n/a through 4.2.13

Description The issue is related to improper neutralization of input during web page generation, which leads to a Cross-site Scripting (XSS) vulnerability, specifically Stored XSS. This allows malicious scripts to be stored on the server and executed when a user accesses the affected web page.

Recommendations For versions n/a through 4.2.13, update to a version later than 4.2.13 to resolve the issue. At the moment, there is no information about other specific mitigation measures for this vulnerability.