WordPress WP-BusinessDirectory plugin <= 4.0.0 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Jarno Vos jrn5151 in WordPress Plugin WP-BusinessDirectory versions = 4.0.0...

PT-2026-1926

Name of the Vulnerable Software and Affected Versions WP-BusinessDirectory versions through 3.1.5 Description The software contains an Improper Neutralization of Input During Web Page Generation issue, leading to a Reflected Cross-site Scripting XSS condition. This allows for the injection of...

EUVD-2020-26429

Malware in sbrugna...

EUVD-2012-1789

Malware in sbrugna...

EUVD-2025-11712

Malicious code in bioql PyPI...

EUVD-2025-10752

Malicious code in bioql PyPI...

CVE-2025-24759

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in CMSJunkie - WordPress Business Directory Plugins WP-BusinessDirectory wp-businessdirectory allows Blind SQL Injection.This issue affects WP-BusinessDirectory: from n/a through = 3.1.4...

CVE-2025-24759

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in CMSJunkie - WordPress Business Directory Plugins WP-BusinessDirectory wp-businessdirectory allows Blind SQL Injection.This issue affects WP-BusinessDirectory: from n/a through = 3.1.4...

CVE-2025-24759 WordPress WP-BusinessDirectory <= 3.1.5 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in CMSJunkie - WordPress Business Directory Plugins WP-BusinessDirectory wp-businessdirectory allows Blind SQL Injection.This issue affects WP-BusinessDirectory: from n/a through = 3.1.4...

CVE-2025-24759

CVE-2025-24759 refers to a SQL Injection vulnerability in the WordPress plugin WP-BusinessDirectory (CMSJunkie) that allows blind SQL injection due to improper neutralization of SQL elements. Affected: WP-BusinessDirectory

PT-2025-29775 · WordPress · Wp-Businessdirectory

Name of the Vulnerable Software and Affected Versions: WP-BusinessDirectory versions through 3.1.3 Description: The WordPress Business Directory Plugins WP-BusinessDirectory contains a SQL injection flaw. The flaw is due to improper neutralization of special elements used in an SQL command. This...

CVE-2020-5182

The J-BusinessDirectory extension before 5.2.9 for Joomla! allows Reverse Tabnabbing. In some configurations, the link to the business website can be entered by any user. If it doesn't contain rel="noopener" or similar attributes such as noreferrer, the tabnabbing may occur. To reproduce the bug,...

CVE-2025-32630

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CMSJunkie - WordPress Business Directory Plugins WP-BusinessDirectory wp-businessdirectory allows Reflected XSS.This issue affects WP-BusinessDirectory: from n/a through = 3.1.2...

CVE-2025-32630 WordPress WP-BusinessDirectory Plugin <= 3.1.2 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CMSJunkie - WordPress Business Directory Plugins WP-BusinessDirectory wp-businessdirectory allows Reflected XSS.This issue affects WP-BusinessDirectory: from n/a through = 3.1.2...

WordPress plugin WP-BusinessDirectory 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-17146 · WordPress · Wp-Businessdirectory

Name of the Vulnerable Software and Affected Versions: WP-BusinessDirectory versions through 3.1.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Reflected XSS. Recommendations: For versions...

CVE-2025-32629

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in CMSJunkie - WordPress Business Directory Plugins WP-BusinessDirectory wp-businessdirectory allows Path Traversal.This issue affects WP-BusinessDirectory: from n/a through = 3.1.2...

CVE-2025-32629

Technical details (affected product/version, root cause, exploit vectors, remediation) are not provided in the supplied documents. Monitor for updates from the publisher to obtain concrete, actionable specifics on CVE-2025-32629.

PT-2025-16088 · WordPress · Wp-Businessdirectory

Name of the Vulnerable Software and Affected Versions: WP-BusinessDirectory versions n/a through 3.1.2 Description: The issue is related to an improper limitation of a pathname to a restricted directory, also known as 'Path Traversal'. This allows unauthorized access to files and directories...

pennsylvania-businessdirectory.com Cross Site Scripting vulnerability OBB-3223136

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...