115 matches found
WordPress plugin DirectoryPress 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...
WordPress DirectoryPress plugin <= 3.6.19 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin DirectoryPress versions = 3.6.19...
CVE-2024-10584
The DirectoryPress – Business Directory And Classified Ad Listing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 3.6.16 due to insufficient input sanitization and output escaping. This makes it possible for authenticate...
CVE-2024-10584
The DirectoryPress – Business Directory And Classified Ad Listing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 3.6.16 due to insufficient input sanitization and output escaping. This makes it possible for authenticate...
CVE-2024-10584 DirectoryPress <= 3.6.16 - Authenticated (Author+) Stored Cross-Site Scripting
The DirectoryPress – Business Directory And Classified Ad Listing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 3.6.16 due to insufficient input sanitization and output escaping. This makes it possible for authenticate...
CVE-2024-10584
CVE-2024-10584 affects the DirectoryPress – Business Directory And Classified Ad Listing WordPress plugin. It is vulnerable to Stored Cross-Site Scripting via SVG file uploads in all versions up to 3.6.16 due to insufficient input sanitization/output escaping. Exploitation requires authenticated ...
CVE-2024-10584 DirectoryPress <= 3.6.16 - Authenticated (Author+) Stored Cross-Site Scripting
The DirectoryPress – Business Directory And Classified Ad Listing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 3.6.16 due to insufficient input sanitization and output escaping. This makes it possible for authenticate...
WordPress DirectoryPress plugin <= 3.6.16 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability
Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by Tieu Pham Trong Nhan in WordPress Plugin DirectoryPress versions = 3.6.16...
WordPress plugin DirectoryPress 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...
PT-2024-16383 · WordPress · Directorypress
Name of the Vulnerable Software and Affected Versions: DirectoryPress – Business Directory And Classified Ad Listing plugin for WordPress versions up to, and including, 3.6.16 Description: The issue is related to Stored Cross-Site Scripting via SVG File uploads due to insufficient input...
CVE-2023-37967
Missing Authorization vulnerability in Designinvento DirectoryPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DirectoryPress: from n/a through 3.6.2...
CVE-2023-37967
Missing Authorization vulnerability in Designinvento DirectoryPress directorypress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DirectoryPress: from n/a through = 3.6.2...
CVE-2023-37967 WordPress DirectoryPress plugin <= 3.6.2 - Unauthenticated Broken Access Control Vulnerability
Missing Authorization vulnerability in Designinvento DirectoryPress directorypress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DirectoryPress: from n/a through = 3.6.2...
CVE-2023-37967 WordPress DirectoryPress plugin <= 3.6.2 - Unauthenticated Broken Access Control Vulnerability
Missing Authorization vulnerability in Designinvento DirectoryPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DirectoryPress: from n/a through 3.6.2...
CVE-2023-37967
CVE-2023-37967 is a vulnerability in the WordPress plugin DirectoryPress (
WordPress plugin DirectoryPress 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
PT-2024-12669 · Unknown · Directorypress
Name of the Vulnerable Software and Affected Versions: DirectoryPress versions 3.6.2 and earlier Description: The issue is related to a missing authorization vulnerability in Designinvento DirectoryPress, which allows exploiting incorrectly configured access control security levels. This problem...
CVE-2024-38755
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Designinvento DirectoryPress allows SQL Injection.This issue affects DirectoryPress: from n/a through 3.6.10...
CVE-2024-38755
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Designinvento DirectoryPress allows SQL Injection.This issue affects DirectoryPress: from n/a through 3.6.10...
CVE-2024-38755 WordPress DirectoryPress plugin <= 3.6.10 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Designinvento DirectoryPress allows SQL Injection.This issue affects DirectoryPress: from n/a through 3.6.10...