115 matches found
CVE-2026-3489
The DirectoryPress – Business Directory And Classified Ad Listing plugin for WordPress is vulnerable to SQL Injection via the 'packages' parameter in versions up to, and including, 3.6.26 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existin...
WordPress DirectoryPress - Business Directory And Classified Ad Listing plugin <= 3.6.26 - Unauthenticated SQL Injection via 'packages' vulnerability
WordPress DirectoryPress - Business Directory And Classified Ad Listing plugin = 3.6.26 - Unauthenticated SQL Injection via 'packages' vulnerability discovered by Leonid Semenenko lsemenenko in WordPress Plugin DirectoryPress versions = 3.6.26...
EUVD-2026-23223
The DirectoryPress – Business Directory And Classified Ad Listing plugin for WordPress is vulnerable to SQL Injection via the 'packages' parameter in versions up to, and including, 3.6.26 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existin...
CVE-2026-3489
The DirectoryPress – Business Directory And Classified Ad Listing plugin for WordPress is vulnerable to SQL Injection via the 'packages' parameter in versions up to, and including, 3.6.26 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existin...
CVE-2026-3489
The CVE-2026-3489 entry concerns the DirectoryPress WordPress plugin (Business Directory and Classified Ad Listing) with vulnerable versions up to 3.6.26. The issue is an SQL Injection via the 'packages' parameter caused by insufficient escaping of user input and inadequate SQL query preparation,...
CVE-2026-3489 DirectoryPress – Business Directory And Classified Ad Listing <= 3.6.26 - Unauthenticated SQL Injection via 'packages'
The DirectoryPress – Business Directory And Classified Ad Listing plugin for WordPress is vulnerable to SQL Injection via the 'packages' parameter in versions up to, and including, 3.6.26 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existin...
CVE-2026-3489
The DirectoryPress – Business Directory And Classified Ad Listing plugin for WordPress is vulnerable to SQL Injection via the 'packages' parameter in versions up to, and including, 3.6.26 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existin...
CVE-2026-3489 DirectoryPress – Business Directory And Classified Ad Listing <= 3.6.26 - Unauthenticated SQL Injection via 'packages'
The DirectoryPress – Business Directory And Classified Ad Listing plugin for WordPress is vulnerable to SQL Injection via the 'packages' parameter in versions up to, and including, 3.6.26 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existin...
PT-2026-33309
The DirectoryPress – Business Directory And Classified Ad Listing plugin for WordPress is vulnerable to SQL Injection via the 'packages' parameter in versions up to, and including, 3.6.26 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existin...
WordPress plugin DirectoryPress – Business Directory And Classified Ad Listing 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. The WordPre...
CVE-2026-39566
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Designinvento DirectoryPress directorypress allows Retrieve Embedded Sensitive Data.This issue affects DirectoryPress: from n/a through = 3.6.26...
EUVD-2026-20213
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Designinvento DirectoryPress directorypress allows Retrieve Embedded Sensitive Data.This issue affects DirectoryPress: from n/a through = 3.6.26...
CVE-2026-39566
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Designinvento DirectoryPress directorypress allows Retrieve Embedded Sensitive Data.This issue affects DirectoryPress: from n/a through = 3.6.26...
CVE-2026-39566
CVE-2026-39566 corresponds to a vulnerability in the WordPress DirectoryPress plugin (versions <= 3.6.26). The issue is described as Exposure of Sensitive System Information to an Unauthorized Control Sphere, allowing retrieval of embedded sensitive data within DirectoryPress directorypress. A...
CVE-2026-39566 WordPress DirectoryPress plugin <= 3.6.26 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Designinvento DirectoryPress directorypress allows Retrieve Embedded Sensitive Data.This issue affects DirectoryPress: from n/a through = 3.6.26...
CVE-2026-39566
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Designinvento DirectoryPress directorypress allows Retrieve Embedded Sensitive Data.This issue affects DirectoryPress: from n/a through = 3.6.26...
CVE-2026-39566 WordPress DirectoryPress plugin <= 3.6.26 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Designinvento DirectoryPress directorypress allows Retrieve Embedded Sensitive Data.This issue affects DirectoryPress: from n/a through = 3.6.26...
WordPress plugin DirectoryPress 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. The WordPre...
PT-2026-31157
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Designinvento DirectoryPress directorypress allows Retrieve Embedded Sensitive Data.This issue affects DirectoryPress: from n/a through = 3.6.26...
WordPress DirectoryPress plugin <= 3.6.26 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Bao - BlueRock in WordPress Plugin DirectoryPress versions = 3.6.26...