Lucene search
K

6 matches found

Nuclei
Nuclei
added yesterday11 views

ListingPro < 2.6.1 - Arbitrary Plugin Installation/Activation/Deactivation

The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Arbitrary Plugin Installation, Activation and Deactivation in versions before 2.6.1. This is due to a missing capability check on the lpccaddonsactions function. This makes it possible for unauthenticated attacker...

9.8CVSS7.2AI score0.04304EPSS
Exploits1References2
Circl
Circl
added 2025/09/24 1:50 p.m.7 views

CVE-2020-36719

creationtimestamp| type| source ---|---|--- 2025-09-24 13:50:13+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2020/CVE-2020-36719.yaml...

9.8CVSS8.7AI score0.04304EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 3:9 p.m.9 views

CVE-2020-36719

The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Arbitrary Plugin Installation, Activation and Deactivation in versions before 2.6.1. This is due to a missing capability check on the lpccaddonsactions function. This makes it possible for unauthenticated attacker...

9.8CVSS6.6AI score0.04304EPSS
Exploits1References1
NVD
NVD
added 2023/06/07 2:15 a.m.18 views

CVE-2020-36719

The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Arbitrary Plugin Installation, Activation and Deactivation in versions before 2.6.1. This is due to a missing capability check on the lpccaddonsactions function. This makes it possible for unauthenticated attacker...

9.8CVSS9.4AI score0.04304EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/06/07 1:51 a.m.8 views

CVE-2020-36719 ListingPro - WordPress Directory & Listing Theme < 2.6.1 - Arbitrary Plugin Installation, Activation and Deactivation

The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Arbitrary Plugin Installation, Activation and Deactivation in versions before 2.6.1. This is due to a missing capability check on the lpccaddonsactions function. This makes it possible for unauthenticated attacker...

9.8CVSS7.2AI score0.04304EPSS
Exploits1References3
CVE
CVE
added 2023/06/07 1:51 a.m.62 views

CVE-2020-36719

CVE-2020-36719 concerns ListingPro (WordPress Directory & Listing Theme) prior to version 2.6.1. The root cause is a missing capability check in the lp_cc_addons_actions function, allowing unauthenticated attackers to arbitrarily install, activate, and deactivate plugins. Documented impacts inclu...

9.8CVSS9.1AI score0.04304EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder