GCVE - cpe:2.3:a:wpxpo:wholesalex:*:*:*:*:*:wordpress:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:wpxpo:wholesalex:*:*:*:*:*:wordpress:*:*

part: a version: * update: *

Vendor	Wpxpo (`c5bc2b74-4fb9-5b98-a1a9-71c128f75636`)
Product	Wholesalex (`6862dba3-b696-5d3d-b69c-ac3d524949f4`)
Edition	*
Language	*
Software edition	*
Target software	wordpress
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:github/common-repository/wholesalex`	purl2cpe	2026-06-01 10:12:51.282084

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-30542`	vulnerable	2026-06-08 06:35:30.544809	WordPress WholesaleX plugin <= 1.3.2 - Unauthenticated Privilege Escalation vulnerability CRITICAL (9.8) Improper Privilege Management vulnerability in Wholesale WholesaleX allows Privilege Escalation.This issue affects WholesaleX: from n/a through 1.3.2. Published: 2024-05-17T08:52:21.055Z Updated: 2026-04-28T16:09:26.408Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/wholesalex/wordpress-wholesalex-plugin-1-3-2-unauthenticated-privilege-escalation-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-30234`	vulnerable	2026-06-08 06:35:29.297119	WordPress WholesaleX plugin <= 1.3.1 - Broken Access Control vulnerability MEDIUM (6.5) Missing Authorization vulnerability in Wholesale Team WholesaleX.This issue affects WholesaleX: from n/a through 1.3.1. Published: 2024-03-26T12:16:09.432Z Updated: 2026-04-28T16:09:22.339Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/wholesalex/wordpress-wholesalex-plugin-1-3-1-broken-access-control-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-30233`	vulnerable	2026-06-08 06:35:29.296632	WordPress WholesaleX plugin <= 1.3.1 - Sensitive Data Exposure on User Export vulnerability MEDIUM (6.5) Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wholesale Team WholesaleX.This issue affects WholesaleX: from n/a through 1.3.1. Published: 2024-03-26T12:10:55.941Z Updated: 2026-04-28T16:09:22.298Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/wholesalex/wordpress-wholesalex-plugin-1-3-1-sensitive-data-exposure-on-user-export-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-30224`	vulnerable	2026-06-08 06:35:29.280920	WordPress WholesaleX plugin <= 1.3.2 - Unauthenticated PHP Object Injection vulnerability CRITICAL (10) Deserialization of Untrusted Data vulnerability in Wholesale Team WholesaleX.This issue affects WholesaleX: from n/a through 1.3.2. Published: 2024-03-28T05:02:20.331Z Updated: 2026-04-28T16:09:22.126Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/wholesalex/wordpress-wholesalex-plugin-1-3-2-unauthenticated-php-object-injection-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.