Lucene search
K

235 matches found

Nuclei
Nuclei
added 15 hours ago111 views

Directorist < 7.5.4 - Local File Inclusion

Directorist before 7.5.4 is susceptible to Local File Inclusion as it does not validate the file parameter when importing CSV files. id: CVE-2023-2252 info: name: Directorist 7.5.4 - Local File Inclusion author: r3Y3r53 severity: low description: | Directorist before 7.5.4 is susceptible to Local...

2.7CVSS6.6AI score0.01342EPSS
Exploits2References3
Nuclei
Nuclei
added 15 hours ago67 views

WordPress Directorist <7.3.1 - Information Disclosure

WordPress Directorist plugin before 7.3.1 is susceptible to information disclosure. The plugin discloses the email address of all users in an AJAX action available to both unauthenticated and authenticated users. id: CVE-2022-2376 info: name: WordPress Directorist 7.3.1 - Information Disclosure...

5.3CVSS6.2AI score0.01408EPSS
Exploits2References5
NVD
NVD
added 2 days ago6 views

CVE-2026-59518

Deserialization of Untrusted Data vulnerability in wpWax Directorist directorist allows Object Injection.This issue affects Directorist: from n/a through = 8.8.2...

9.8CVSS0.00313EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago29 views

CVE-2026-59518 WordPress Directorist plugin <= 8.8.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in wpWax Directorist directorist allows Object Injection.This issue affects Directorist: from n/a through = 8.8.2...

9.8CVSS0.00313EPSS
Exploits0References1
CVE
CVE
added 2 days ago13 views

CVE-2026-59518

CVE-2026-59518 affects the WordPress Directorist plugin (Directorist) versions up to 8.8.2. It is a PHP object-injection vulnerability caused by deserialization of untrusted data, with CVSS v3.1 base score 9.8 (Network, Low attack complexity, No privileges, No user interaction; Confidentiality/In...

9.8CVSS6.1AI score0.00313EPSS
Exploits0References1
Patchstack
Patchstack
added 6 days ago6 views

WordPress Directorist plugin <= 8.8.2 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by dutafi in WordPress Plugin Directorist versions = 8.8.2...

9.8CVSS6.1AI score0.00313EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/06/17 1:20 p.m.11 views

CVE-2026-49073

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in wpWax Directorist Booking allows Blind SQL Injection. This issue affects Directorist Booking: from n/a through 3.0.3...

8.5CVSS0.00205EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 9:23 p.m.24 views

CVE-2026-49073 WordPress Directorist Booking plugin <= 3.0.3 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in wpWax Directorist Booking allows Blind SQL Injection. This issue affects Directorist Booking: from n/a through 3.0.3...

8.5CVSS0.00205EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 9:23 p.m.18 views

CVE-2026-49073

Summary: CVE-2026-49073 affects the WordPress plugin Directorist Booking (wpWax Directorist Booking) versions up to 3.0.3. The issue is an SQL Injection in the plugin, allowing blind SQL injection through improper neutralization of special elements in SQL commands. The CVSSBase score is 8.5 (HIGH...

8.5CVSS5.6AI score0.00205EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.11 views

PT-2026-50125

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in wpWax Directorist Booking allows Blind SQL Injection. This issue affects Directorist Booking: from n/a through 3.0.3...

8.5CVSS5.6AI score0.00205EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/06/08 2:11 p.m.11 views

WordPress Directorist Booking plugin <= 3.0.3 - SQL Injection vulnerability

SQL Injection vulnerability discovered by dutafi in WordPress Plugin Directorist Booking versions = 3.0.3...

8.5CVSS5.7AI score0.00205EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/29 12:59 a.m.5 views

CVE-2026-22336

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Directorist Booking allows SQL Injection.This issue affects Directorist Booking: from n/a before 3.0.2...

9.3CVSS5.6AI score0.00283EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/29 12:59 a.m.10 views

CVE-2026-22337

Incorrect Privilege Assignment vulnerability in Directorist Directorist Social Login allows Privilege Escalation.This issue affects Directorist Social Login: from n/a before 2.1.4...

9.8CVSS5.2AI score0.00321EPSS
Exploits0References1
NVD
NVD
added 2026/04/27 11:16 a.m.15 views

CVE-2026-22337

Incorrect Privilege Assignment vulnerability in Directorist Directorist Social Login allows Privilege Escalation.This issue affects Directorist Social Login: from n/a before 2.1.4...

9.8CVSS0.00321EPSS
Exploits0References1
NVD
NVD
added 2026/04/27 11:16 a.m.10 views

CVE-2026-22336

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Directorist Booking allows SQL Injection.This issue affects Directorist Booking: from n/a before 3.0.2...

9.3CVSS0.00283EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/27 10:31 a.m.3 views

CVE-2026-22337

Incorrect Privilege Assignment vulnerability in Directorist Directorist Social Login allows Privilege Escalation.This issue affects Directorist Social Login: from n/a before 2.1.4...

9.8CVSS5.2AI score0.00321EPSS
Exploits0References2
CVE
CVE
added 2026/04/27 10:31 a.m.8 views

CVE-2026-22337

CVE-2026-22337 is a vulnerability in the WordPress plugin Directorist Social Login (directorist-social-login) described as an Incorrect Privilege Assignment that enables Privilege Escalation. Public sources specify affected versions as before 2.1.4 (NVD) and up to 2.1.1/2.1.4 in various advisorie...

9.8CVSS5.2AI score0.00321EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/27 10:31 a.m.33 views

CVE-2026-22337 WordPress Directorist Social Login plugin < 2.1.4 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in Directorist Directorist Social Login allows Privilege Escalation.This issue affects Directorist Social Login: from n/a before 2.1.4...

9.8CVSS0.00321EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/27 10:31 a.m.10 views

EUVD-2026-25814

Incorrect Privilege Assignment vulnerability in Directorist Directorist Social Login allows Privilege Escalation.This issue affects Directorist Social Login: from n/a before 2.1.4...

9.8CVSS5.2AI score0.00321EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/27 10:31 a.m.5 views

CVE-2026-22337 WordPress Directorist Social Login plugin < 2.1.4 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in Directorist Directorist Social Login allows Privilege Escalation.This issue affects Directorist Social Login: from n/a before 2.1.4...

9.8CVSS5.2AI score0.00321EPSS
Exploits0References1
Rows per page
Query Builder