6 matches found
ListingPro < 2.6.1 - Arbitrary Plugin Installation/Activation/Deactivation
The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Arbitrary Plugin Installation, Activation and Deactivation in versions before 2.6.1. This is due to a missing capability check on the lpccaddonsactions function. This makes it possible for unauthenticated attacker...
CVE-2020-36719
creationtimestamp| type| source ---|---|--- 2025-09-24 13:50:13+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2020/CVE-2020-36719.yaml...
CVE-2020-36719
The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Arbitrary Plugin Installation, Activation and Deactivation in versions before 2.6.1. This is due to a missing capability check on the lpccaddonsactions function. This makes it possible for unauthenticated attacker...
CVE-2020-36719
The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Arbitrary Plugin Installation, Activation and Deactivation in versions before 2.6.1. This is due to a missing capability check on the lpccaddonsactions function. This makes it possible for unauthenticated attacker...
CVE-2020-36719 ListingPro - WordPress Directory & Listing Theme < 2.6.1 - Arbitrary Plugin Installation, Activation and Deactivation
The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Arbitrary Plugin Installation, Activation and Deactivation in versions before 2.6.1. This is due to a missing capability check on the lpccaddonsactions function. This makes it possible for unauthenticated attacker...
CVE-2020-36719
CVE-2020-36719 concerns ListingPro (WordPress Directory & Listing Theme) prior to version 2.6.1. The root cause is a missing capability check in the lp_cc_addons_actions function, allowing unauthenticated attackers to arbitrarily install, activate, and deactivate plugins. Documented impacts inclu...