7 matches found
CVE-2025-13920
The WP Directory Kit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.9 via the wdkpublicaction AJAX handler. This makes it possible for unauthenticated attackers to extract email addresses for users with Directory Kit-specific user...
CVE-2025-13920
The WP Directory Kit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.9 via the wdkpublicaction AJAX handler. This makes it possible for unauthenticated attackers to extract email addresses for users with Directory Kit-specific user...
CVE-2025-13920
The CVE-2025-13920 entry concerns the WP Directory Kit WordPress plugin, specifically versions up to and including 1.4.9. Affected component: the wdk_public_action AJAX handler, which allows unauthenticated access to sensitive information. The connected Nuclei template confirms unauthenticated em...
CVE-2023-2278
The WP Directory Kit plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 1.1.9 via the 'wdkpublicaction' function. This allows unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those...
CVE-2023-2278
The WP Directory Kit plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 1.1.9 via the 'wdkpublicaction' function. This allows unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those...
PT-2023-18686 · WordPress · Wp Directory Kit
Name of the Vulnerable Software and Affected Versions: WP Directory Kit plugin for WordPress versions up to, and including, 1.1.9 Description: The issue allows unauthenticated attackers to include and execute arbitrary files on the server via the wdk public action function. This enables the...
WordPress Plugin WP Directory Kit 路径遍历漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal vulnerability exists ...