EUVD-2021-11092

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Business Directory Plugin for WordPress had Cross-Site Request Forgery vulnerabilities affecting administrators

Reporter	Title	Published	Views	Family All 9
CNNVD	WordPress 跨站请求伪造漏洞	6 May 202100:00	–	cnnvd
CVE	CVE-2021-24178	5 May 202118:39	–	cve
Cvelist	CVE-2021-24178 Business Directory Plugin < 5.11.1 - Arbitrary Add/Edit/Delete Form Field to Stored XSS	5 May 202118:39	–	cvelist
NVD	CVE-2021-24178	6 May 202113:15	–	nvd
OSV	CVE-2021-24178	6 May 202113:15	–	osv
Prion	Cross site scripting	6 May 202113:15	–	prion
RedhatCVE	CVE-2021-24178	22 May 202519:20	–	redhatcve
wpexploit	Business Directory Plugin < 5.11.1 - Arbitrary Add/Edit/Delete Form Field to Stored XSS	11 Apr 202100:00	–	wpexploit
WPVulnDB	Business Directory Plugin < 5.11.1 - Arbitrary Add/Edit/Delete Form Field to Stored XSS	11 Apr 202100:00	–	wpvulndb

[
  {
    "enisaIdVendor": [
      {
        "id": "a88ff38c-7615-3c7c-b592-6a38ccde8bf5",
        "vendor": {
          "name": "Business Directory Team"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "74ddf341-0509-3850-ac6b-8012ee3b2d37",
        "product": {
          "name": "Business Directory Plugin – Easy Listing Directories for WordPress"
        },
        "product_version": "5.11.1 <5.11.1"
      }
    ]
  }
]

Source	Link
wpscan	www.wpscan.com/vulnerability/700f3b04-8298-447c-8d3c-4581880a63b5
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

8.6High risk

Vulners AI Score8.6

CVSS 3.18.8

CVSS 26.8

EPSS0.00202

wordpress plugin vulnerabilities cross-site request forgery stored cross-site scripting