EUVD-2019-20188

Joomla! Component J-BusinessDirectory 4.9.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the type parameter. Attackers can send GET requests to index.php with the...

WordPress WP-BusinessDirectory plugin <= 4.0.0 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Jarno Vos jrn5151 in WordPress Plugin WP-BusinessDirectory versions = 4.0.0...

PT-2026-1926

Name of the Vulnerable Software and Affected Versions WP-BusinessDirectory versions through 3.1.5 Description The software contains an Improper Neutralization of Input During Web Page Generation issue, leading to a Reflected Cross-site Scripting XSS condition. This allows for the injection of...

EUVD-2020-26429

Malware in sbrugna...

EUVD-2012-1789

Malware in sbrugna...

EUVD-2025-11712

Malicious code in bioql PyPI...

EUVD-2025-10752

Malicious code in bioql PyPI...

CVE-2025-24759

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in CMSJunkie - WordPress Business Directory Plugins WP-BusinessDirectory wp-businessdirectory allows Blind SQL Injection.This issue affects WP-BusinessDirectory: from n/a through = 3.1.4...

CVE-2025-24759

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in CMSJunkie - WordPress Business Directory Plugins WP-BusinessDirectory wp-businessdirectory allows Blind SQL Injection.This issue affects WP-BusinessDirectory: from n/a through = 3.1.4...

CVE-2025-24759 WordPress WP-BusinessDirectory <= 3.1.5 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in CMSJunkie - WordPress Business Directory Plugins WP-BusinessDirectory wp-businessdirectory allows Blind SQL Injection.This issue affects WP-BusinessDirectory: from n/a through = 3.1.4...

CVE-2025-24759

CVE-2025-24759 refers to a SQL Injection vulnerability in the WordPress plugin WP-BusinessDirectory (CMSJunkie) that allows blind SQL injection due to improper neutralization of SQL elements. Affected: WP-BusinessDirectory

PT-2025-29775 · WordPress · Wp-Businessdirectory

Name of the Vulnerable Software and Affected Versions: WP-BusinessDirectory versions through 3.1.3 Description: The WordPress Business Directory Plugins WP-BusinessDirectory contains a SQL injection flaw. The flaw is due to improper neutralization of special elements used in an SQL command. This...

CVE-2020-5182

The J-BusinessDirectory extension before 5.2.9 for Joomla! allows Reverse Tabnabbing. In some configurations, the link to the business website can be entered by any user. If it doesn't contain rel="noopener" or similar attributes such as noreferrer, the tabnabbing may occur. To reproduce the bug,...

CVE-2025-32630

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CMSJunkie - WordPress Business Directory Plugins WP-BusinessDirectory wp-businessdirectory allows Reflected XSS.This issue affects WP-BusinessDirectory: from n/a through = 3.1.2...

CVE-2025-32630 WordPress WP-BusinessDirectory Plugin <= 3.1.2 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CMSJunkie - WordPress Business Directory Plugins WP-BusinessDirectory wp-businessdirectory allows Reflected XSS.This issue affects WP-BusinessDirectory: from n/a through = 3.1.2...

WordPress plugin WP-BusinessDirectory 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-17146 · WordPress · Wp-Businessdirectory

Name of the Vulnerable Software and Affected Versions: WP-BusinessDirectory versions through 3.1.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Reflected XSS. Recommendations: For versions...

CVE-2025-32629

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in CMSJunkie - WordPress Business Directory Plugins WP-BusinessDirectory wp-businessdirectory allows Path Traversal.This issue affects WP-BusinessDirectory: from n/a through = 3.1.2...

CVE-2025-32629

Technical details (affected product/version, root cause, exploit vectors, remediation) are not provided in the supplied documents. Monitor for updates from the publisher to obtain concrete, actionable specifics on CVE-2025-32629.

PT-2025-16088 · WordPress · Wp-Businessdirectory

Name of the Vulnerable Software and Affected Versions: WP-BusinessDirectory versions n/a through 3.1.2 Description: The issue is related to an improper limitation of a pathname to a restricted directory, also known as 'Path Traversal'. This allows unauthorized access to files and directories...