CVE-2025-13851

CVE-2025-13851 concerns Buyent Theme with Buyent Classified Plugin (

CVE-2025-13851 Buyent Theme (with Buyent Classified Plugin) <= 1.0.7 - Unauthenticated Privilege Escalation via User Registration

The Buyent Classified plugin for WordPress bundled with Buyent theme is vulnerable to privilege escalation via user registration in all versions up to, and including, 1.0.7. This is due to the plugin not validating or restricting the user role during registration via the REST API endpoint. This...

WordPress plugin Buyent Classified 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

PT-2026-20608

Name of the Vulnerable Software and Affected Versions Buyent Classified plugin for WordPress versions up to and including 1.0.7 Description The Buyent Classified plugin for WordPress, when bundled with the Buyent theme, has a flaw that allows unauthorized privilege escalation through the user...

CVE-2025-12953 Classified Listing – AI-Powered Classified ads & Business Directory Plugin <= 5.2.0 - Missing Authorization to Authenticated (Subscriber+) Listing Types Tampering

The Classified Listing – AI-Powered Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the "rtclajaxaddlistingtype", "rtclajaxupdatelistingtype", and "rtclajaxdeletelistingtype" function in all...