Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:11 a.m.13 views

CVE-2025-1570

The Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 8.1. This is due to the directoristgeneratepasswordresetpincode and resetuserpassword functions...

9.8CVSS7.2AI score0.0041EPSS
Exploits0References1
Circl
Circl
added 2025/02/28 9:27 a.m.16 views

CVE-2025-1570

creationtimestamp| type| source ---|---|--- 2025-02-28 09:27:28+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5857 2025-02-28 10:00:46+00:00| seen| Telegram/tzst3T7SuESeL4Dw73eYpZnj8xogMY6-vkCUQFTMfYlq5w 2025-02-28 11:10:18+00:00| seen| https://t.me/cvedetector/19132 2025-02-28 11:48:48+00:0...

9.8CVSS8.7AI score0.0041EPSS
Exploits0References3
CVE
CVE
added 2025/02/28 8:23 a.m.72 views

CVE-2025-1570

CVE-2025-1570 : Directorist – AI-Powered Business Directory Plugin for WordPress suffers privilege escalation via account takeover in all versions up to and including 8.1. The root cause is inadequate controls in directorist_generate_password_reset_pin_code() and reset_user_password() that permit...

9.8CVSS8.3AI score0.0041EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/28 8:23 a.m.11 views

CVE-2025-1570 Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings <= 8.1 - Privilege Escalation and Account Takeover via Weak OTP

The Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 8.1. This is due to the directoristgeneratepasswordresetpincode and resetuserpassword functions...

8.1CVSS8.3AI score0.0041EPSS
Exploits0References2
Rows per page
Query Builder