CVE-2026-27396 WordPress Directory Pro plugin <= 2.5.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in e-plugins Directory Pro directory-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Directory Pro: from n/a through = 2.5.6...

CVE-2025-64243

CVE-2025-64243 concerns the WordPress plugin Directory Pro (versions

CVE-2025-52748 WordPress Directory Pro plugin <= 2.5.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e-plugins Directory Pro directory-pro allows Reflected XSS.This issue affects Directory Pro: from n/a through = 2.5.5...

CVE-2025-52748

CVE-2025-52748 concerns the WordPress Directory Pro plugin (directory-pro) up to version 2.5.5. Affected component: directory-pro within Directory Pro. Root cause: improper handling/neutralization of user input during web page generation, enabling Reflected Cross-Site Scripting (XSS). Impact is d...

CVE-2025-57948

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e-plugins Directory Pro directory-pro allows DOM-Based XSS.This issue affects Directory Pro: from n/a through = 2.5.5...

CVE-2025-57948

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e-plugins Directory Pro directory-pro allows DOM-Based XSS.This issue affects Directory Pro: from n/a through = 2.5.5...

CVE-2025-57948 WordPress Directory Pro Plugin <= 2.5.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e-plugins Directory Pro directory-pro allows DOM-Based XSS.This issue affects Directory Pro: from n/a through = 2.5.5...

WordPress plugin directory-pro 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

WordPress Advanced Classifieds & Directory Pro plugin < 1.8.8 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Advanced Classifieds & Directory Pro plugin versions 1.8.8. Solution Update the WordPress Advanced Classifieds & Directory Pro plugin to the latest available version at least 1.8.8...