Lucene search
+L

7 matches found

redhatcve
redhatcve
added 2026/01/25 3:19 p.m.15 views

CVE-2025-13920

The WP Directory Kit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.9 via the wdkpublicaction AJAX handler. This makes it possible for unauthenticated attackers to extract email addresses for users with Directory Kit-specific user...

5.3CVSS5.4AI score0.00669EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/01/24 12:27 p.m.3 views

CVE-2025-13920

The WP Directory Kit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.9 via the wdkpublicaction AJAX handler. This makes it possible for unauthenticated attackers to extract email addresses for users with Directory Kit-specific user...

5.3CVSS5.9AI score0.00669EPSS
Exploits0References3
cve
cve
added 2026/01/24 12:27 p.m.27 views

CVE-2025-13920

The CVE-2025-13920 entry concerns the WP Directory Kit WordPress plugin, specifically versions up to and including 1.4.9. Affected component: the wdk_public_action AJAX handler, which allows unauthenticated access to sensitive information. The connected Nuclei template confirms unauthenticated em...

5.3CVSS5.5AI score0.00669EPSS
In wildExploits0References2
attackerkb
attackerkb
added 2023/06/13 2:15 a.m.2 views

CVE-2023-2278

The WP Directory Kit plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 1.1.9 via the 'wdkpublicaction' function. This allows unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those...

9.8CVSS6.5AI score0.01686EPSS
Exploits1References4
osv
osv
added 2023/06/13 2:15 a.m.6 views

CVE-2023-2278

The WP Directory Kit plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 1.1.9 via the 'wdkpublicaction' function. This allows unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those...

9.8CVSS7.8AI score
Exploits0References3
ptsecurity
ptsecurity
added 2023/06/13 12:0 a.m.4 views

PT-2023-18686 · WordPress · Wp Directory Kit

Name of the Vulnerable Software and Affected Versions: WP Directory Kit plugin for WordPress versions up to, and including, 1.1.9 Description: The issue allows unauthenticated attackers to include and execute arbitrary files on the server via the wdk public action function. This enables the...

9.8CVSS10AI score0.01686EPSS
Exploits1References6
cnnvd
cnnvd
added 2023/06/13 12:0 a.m.4 views

WordPress Plugin WP Directory Kit 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal vulnerability exists ...

9.8CVSS8.4AI score0.01686EPSS
Exploits1References4
Rows per page
Query Builder