PT-2026-4178

Missing Authorization vulnerability in e-plugins Hotel Listing hotel-listing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hotel Listing: from n/a through = 1.4.2...

PT-2026-4044

Name of the Vulnerable Software and Affected Versions Lawyer Directory versions through 1.3.3 Description An incorrect privilege assignment exists in the Lawyer Directory application, potentially allowing privilege escalation. Recommendations Update Lawyer Directory to a version later than 1.3.3...

PT-2026-4187

Incorrect Privilege Assignment vulnerability in e-plugins Final User final-user allows Privilege Escalation.This issue affects Final User: from n/a through = 1.2.5...

CVE-2025-12551

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e-plugins ListingHub listinghub allows Reflected XSS.This issue affects ListingHub: from n/a through 1.2.6...

CVE-2025-12551

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e-plugins ListingHub listinghub allows Reflected XSS.This issue affects ListingHub: from n/a through 1.2.6...

CVE-2025-69085

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e-plugins JobBank jobbank allows Reflected XSS.This issue affects JobBank: from n/a through = 1.2.2...

PT-2026-1698

Name of the Vulnerable Software and Affected Versions e-plugins ListingHub versions through 1.2.6 Description The software contains a flaw due to improper neutralization of input during web page generation, leading to a Reflected Cross-site Scripting XSS condition. This allows an attacker to inje...

PT-2026-1465

Name of the Vulnerable Software and Affected Versions e-plugins JobBank versions through 1.2.2 Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a Reflected Cross-Site Scripting XSS condition. This allows an attacker to...

EUVD-2025-204189

Incorrect Privilege Assignment vulnerability in e-plugins Hotel Listing hotel-listing allows Privilege Escalation.This issue affects Hotel Listing: from n/a through = 1.4.0...

CVE-2025-58710

Incorrect Privilege Assignment vulnerability in e-plugins Hotel Listing hotel-listing allows Privilege Escalation.This issue affects Hotel Listing: from n/a through = 1.4.0...

CVE-2025-64243

Missing Authorization vulnerability in e-plugins Directory Pro directory-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Directory Pro: from n/a through = 2.5.6...

EUVD-2025-38139

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e-plugins Institutions Directory institutions-directory allows Reflected XSS.This issue affects Institutions Directory: from n/a through = 1.3.3...

CVE-2025-58638

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e-plugins Institutions Directory institutions-directory allows Reflected XSS.This issue affects Institutions Directory: from n/a through = 1.3.3...

PT-2025-45248

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e-plugins Institutions Directory institutions-directory allows Reflected XSS.This issue affects Institutions Directory: from n/a through = 1.3.3...

CVE-2025-52748

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e-plugins Directory Pro directory-pro allows Reflected XSS.This issue affects Directory Pro: from n/a through = 2.5.5...

CVE-2025-52748

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e-plugins Directory Pro directory-pro allows Reflected XSS.This issue affects Directory Pro: from n/a through = 2.5.5...

PT-2025-43235

Name of the Vulnerable Software and Affected Versions e-plugins Directory Pro versions through 2.5.5 Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a Reflected Cross-site Scripting XSS condition. This allows an attacker ...

PT-2025-38798

Name of the Vulnerable Software and Affected Versions e-plugins Directory Pro versions through 2.5.5 Description The software contains a flaw related to improper input handling during web page generation, leading to a DOM-Based Cross-site Scripting issue. This allows for potential malicious code...

CVE-2025-54717

Missing Authorization vulnerability in e-plugins WP Membership wp-membership allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Membership: from n/a through = 1.6.3...

CVE-2025-54717

CVE-2025-54717 affects the WordPress WP Membership plugin (versions up to 1.6.3). It is a Missing Authorization flaw due to incorrectly configured access control security levels, enabling a settings change vulnerability. Remediation: upgrade WP Membership to a version later than 1.6.3 (per Patchs...