13 matches found
CVE-2026-8892 CM Business Directory <= 1.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Business Address Meta Fields
The CM Business Directory – Optimise and showcase local business plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Business Address Meta Fields in all versions up to, and including, 1.5.7 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2026-8892
CVE-2026-8892 affects the CM Business Directory plugin for WordPress (versions up to and including 1.5.7). The vulnerability is a Stored Cross-Site Scripting (XSS) via the Business Address Meta Fields, caused by insufficient input sanitization and output escaping. Authenticated attackers with con...
CVE-2026-8892
The CM Business Directory – Optimise and showcase local business plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Business Address Meta Fields in all versions up to, and including, 1.5.7 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2026-25004
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CreativeMindsSolutions CM Business Directory cm-business-directory allows Stored XSS.This issue affects CM Business Directory: from n/a through = 1.5.3...
CVE-2026-25004 WordPress CM Business Directory plugin <= 1.5.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CreativeMindsSolutions CM Business Directory cm-business-directory allows Stored XSS.This issue affects CM Business Directory: from n/a through = 1.5.3...
WordPress plugin CM Business Directory 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress CM Business Directory plugin <= 1.5.3 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Arif Shaikh in WordPress Plugin CM Business Directory versions = 1.5.3...
EUVD-2025-31203
Malicious code in bioql PyPI...
CVE-2025-10178 CM Business Directory <= 1.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
The CM Business Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'cmbdfeaturedimage' shortcode in all versions up to, and including, 1.5.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-10178 CM Business Directory <= 1.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
The CM Business Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'cmbdfeaturedimage' shortcode in all versions up to, and including, 1.5.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
WordPress plugin CM Business Directory 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
WordPress plugin多款产品 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in...
WordPress CM Business Directory plugin <= 1.4.1 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin CM Business Directory versions = 1.4.1...