Lucene search
K

6 matches found

Patchstack
Patchstack
added 2026/02/19 7:3 a.m.7 views

WordPress Clasifico Listing plugin <= 2.0 - Unauthenticated Privilege Escalation vulnerability

Unauthenticated Privilege Escalation vulnerability discovered by Alyudin Nafiie in WordPress Plugin Clasifico Listing versions = 2.0...

9.8CVSS5.5AI score0.00413EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/19 3:25 a.m.4 views

CVE-2025-12882 Clasifico Listing <= 2.0 - Unauthenticated Privilege Escalation

The Clasifico Listing plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 2.0. This is due to the plugin allowing users who are registering new accounts to set their own role by supplying the 'listinguserrole' parameter. This makes it possible for...

9.8CVSS5.5AI score0.00413EPSS
Exploits0References2
CVE
CVE
added 2026/02/19 3:25 a.m.16 views

CVE-2025-12882

CVE-2025-12882 relates to the Clasifico Listing plugin for WordPress. It affects versions up to and including 2.0, where unauthenticated users registering new accounts can set their own role via the listing_user_role parameter, enabling privilege escalation to the administrator role. The CVSS v3....

9.8CVSS5.5AI score0.00413EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/19 3:25 a.m.34 views

CVE-2025-12882 Clasifico Listing <= 2.0 - Unauthenticated Privilege Escalation

The Clasifico Listing plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 2.0. This is due to the plugin allowing users who are registering new accounts to set their own role by supplying the 'listinguserrole' parameter. This makes it possible for...

9.8CVSS0.00413EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.9 views

PT-2026-20588

Name of the Vulnerable Software and Affected Versions Clasifico Listing plugin for WordPress versions prior to 2.1 Description The Clasifico Listing plugin for WordPress allows users registering new accounts to set their own role using the listing user role parameter. This can allow unauthenticat...

9.8CVSS5.2AI score0.00413EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.12 views

WordPress plugin Clasifico Listing 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...

9.8CVSS5.8AI score0.00413EPSS
Exploits0References2
Rows per page
Query Builder