829 matches found
Motors Car Dealer & Classified Ads <= 1.4.0 - Unauthenticated settings import/export
includes/options.php in the motors-car-dealership-classified-listings aka Motors - Car Dealer & Classified Ads plugin through 1.4.0 for WordPress allows unauthenticated options changes. id: CVE-2019-17228 info: name: Motors Car Dealer & Classified Ads = 1.4.0 - Unauthenticated settings...
CVE-2026-10779
The Classified Listing – Classified ads & Business Directory plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 5.4.2. This is due to a missing capability/ownership check on the galleryimageupdateasfeature AJAX handler action:...
EUVD-2026-37978
The Classified Listing – Classified ads & Business Directory plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 5.4.2. This is due to a missing capability/ownership check on the galleryimageupdateasfeature AJAX handler action:...
CVE-2026-10779
CVE-2026-10779 affects the WordPress Classified Listing plugin (versions
CVE-2026-10779 Classified Listing <= 5.4.2 - Missing Authorization to Authenticated (Subscriber+) Feature Modification via Multiple AJAX Handlers ('listingId'/'id' Parameters)
The Classified Listing – Classified ads & Business Directory plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 5.4.2. This is due to a missing capability/ownership check on the galleryimageupdateasfeature AJAX handler action:...
CVE-2026-10779
The Classified Listing – Classified ads & Business Directory plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 5.4.2. This is due to a missing capability/ownership check on the galleryimageupdateasfeature AJAX handler action:...
PT-2026-50830
Name of the Vulnerable Software and Affected Versions Classified Listing – Classified ads & Business Directory versions prior to 5.4.3 Description The plugin contains a missing authorization flaw in the gallery image update as feature AJAX handler action: rtcl fb gallery image update as feature...
WordPress Classified Listing – AI-Powered Classified ads & Business Directory plugin <= 5.4.2 - Missing Authorization to Authenticated (Subscriber+) Feature Modification vulnerability
Missing Authorization to Authenticated Subscriber+ Feature Modification vulnerability discovered by Ben Tamam Ben Tamam in WordPress Plugin Classified Listing versions = 5.4.2...
CVE-2026-42658
Unauthenticated Cross Site Scripting XSS in Classified Listing = 5.3.8 versions...
CVE-2026-42651
Subscriber Broken Access Control in Classified Listing = 5.3.9 versions...
CVE-2026-42640
Unauthenticated Broken Access Control in Classified Listing = 5.3.8 versions...
CVE-2026-42658
The CVE-2026-42658 entry concerns the WordPress Classified Listing plugin, affected versions
CVE-2026-42658 WordPress Classified Listing plugin <= 5.3.8 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Classified Listing = 5.3.8 versions...
EUVD-2026-36823
Unauthenticated Cross Site Scripting XSS in Classified Listing = 5.3.8 versions...
CVE-2026-42658 WordPress Classified Listing plugin <= 5.3.8 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Classified Listing = 5.3.8 versions...
EUVD-2026-36819
Subscriber Broken Access Control in Classified Listing = 5.3.9 versions...
CVE-2026-42651
CVE-2026-42651 affects the WordPress Classified Listing plugin (versions
CVE-2026-42651 WordPress Classified Listing plugin <= 5.3.9 - Broken Access Control vulnerability
Subscriber Broken Access Control in Classified Listing = 5.3.9 versions...
CVE-2026-42651 WordPress Classified Listing plugin <= 5.3.9 - Broken Access Control vulnerability
Subscriber Broken Access Control in Classified Listing = 5.3.9 versions...
CVE-2026-42640 WordPress Classified Listing plugin <= 5.3.8 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Classified Listing = 5.3.8 versions...