7 matches found
CVE-2026-22336
CVE-2026-22336 affects the WordPress plugin Directorist Booking. It exposes an unauthenticated SQL Injection in versions up to 2.4.1, arising from improper neutralization of input used in SQL commands. Impact per sources is high: potential data disclosure or manipulation with no user interaction ...
CVE-2026-39509 WordPress Directorist plugin <= 8.5.10 - Broken Access Control vulnerability
Missing Authorization vulnerability in wpWax Directorist directorist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Directorist: from n/a through = 8.5.10...
CVE-2026-39509 WordPress Directorist plugin <= 8.5.10 - Broken Access Control vulnerability
Missing Authorization vulnerability in wpWax Directorist directorist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Directorist: from n/a through = 8.5.10...
CVE-2025-68069
CVE-2025-68069 is a Missing/Broken Access Control vulnerability in the WordPress plugin Directorist (Directorist: AI-Powered Business Directory, Listings & Classified Ads) affecting versions up to 8.6.6. The root cause is incorrectly configured access control security levels, enabling unauthorize...
CVE-2025-64250 WordPress Directorist plugin <= 8.6.6 - Open Redirection vulnerability
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in wpWax Directorist directorist allows Phishing.This issue affects Directorist: from n/a through = 8.6.6...
WordPress Directorist Plugin <= 7.7.1 is vulnerable to Broken Access Control
Software Directorist Type Plugin Vulnerable versions = 7.7.1 Fixed in 7.7.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-47150 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID c511217f52dd Credits István Márton Required privilege...
WordPress Directorist Plugin <= 7.5.4 is vulnerable to Privilege Escalation
Software Directorist Type Plugin Vulnerable versions = 7.5.4 Fixed in 7.5.5 OWASP Top 10 A2: Broken Authentication Classification Privilege Escalation CVE CVE-2023-1888 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 3e2d4eebdb38 Credits Alex Thomas Required privilege...