17 matches found
CVE-2026-39566
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Designinvento DirectoryPress directorypress allows Retrieve Embedded Sensitive Data.This issue affects DirectoryPress: from n/a through = 3.6.26...
CVE-2026-39566
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Designinvento DirectoryPress directorypress allows Retrieve Embedded Sensitive Data.This issue affects DirectoryPress: from n/a through = 3.6.26...
CVE-2026-27387
Missing Authorization vulnerability in Designinvento DirectoryPress directorypress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DirectoryPress: from n/a through = 3.6.26...
PT-2026-20665
Missing Authorization vulnerability in designinvento DirectoryPress directorypress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DirectoryPress: from n/a through = 3.6.25...
EUVD-2024-37600
Malicious code in bioql PyPI...
CVE-2023-37967
Missing Authorization vulnerability in Designinvento DirectoryPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DirectoryPress: from n/a through 3.6.2...
CVE-2025-32249
Cross-Site Request Forgery CSRF vulnerability in Designinvento DirectoryPress directorypress allows Cross Site Request Forgery.This issue affects DirectoryPress: from n/a through = 3.6.22...
CVE-2024-38755
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Designinvento DirectoryPress allows SQL Injection.This issue affects DirectoryPress: from n/a through 3.6.10...
CVE-2024-32567
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Designinvento DirectoryPress allows Reflected XSS.This issue affects DirectoryPress: from n/a through 3.6.7...
CVE-2024-49633
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Designinvento DirectoryPress directorypress allows Reflected XSS.This issue affects DirectoryPress: from n/a through = 3.6.19...
CVE-2024-49633
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Designinvento DirectoryPress directorypress allows Reflected XSS.This issue affects DirectoryPress: from n/a through = 3.6.19...
CVE-2024-38755
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Designinvento DirectoryPress allows SQL Injection.This issue affects DirectoryPress: from n/a through 3.6.10...
CVE-2024-38755 WordPress DirectoryPress plugin <= 3.6.10 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Designinvento DirectoryPress allows SQL Injection.This issue affects DirectoryPress: from n/a through 3.6.10...
CVE-2024-38755
CVE-2024-38755 concerns the DirectoryPress WordPress plugin (
CVE-2024-32567
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Designinvento DirectoryPress allows Reflected XSS.This issue affects DirectoryPress: from n/a through 3.6.7...
CVE-2024-32567
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Designinvento DirectoryPress allows Reflected XSS.This issue affects DirectoryPress: from n/a through 3.6.7...
CVE-2024-32567
CVE-2024-32567 is a Reflected XSS in DirectoryPress (DirectoryPress – Business Directory And Classified Ad Listing) for WordPress, caused by improper input neutralization during web page generation. Affected vendor/product: DirectoryPress, affected versions are up to 3.6.7 (from the initial descr...