CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2025/12/18 7:22 a.m.•3 views

CVE-2025-64377 WordPress ListingPro theme < 2.9.10 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CridioStudio ListingPro listingpro allows PHP Local File Inclusion.This issue affects ListingPro: from n/a through 2.9.10...

8.1CVSS6.7AI score0.00344EPSS

Cvelist•added 2025/12/18 7:22 a.m.•24 views

CVE-2025-63039 WordPress ListingPro theme <= 2.9.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in CridioStudio ListingPro listingpro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ListingPro: from n/a through = 2.9.9...

6.5CVSS0.00212EPSS

Patchstack•added 2025/11/06 3:28 p.m.•3 views

WordPress ListingPro theme <= 2.9.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Denver Jackson in WordPress Theme ListingPro versions = 2.9.9...

6.5CVSS7AI score0.00212EPSS

Patchstack•added 2025/10/19 6:5 a.m.•3 views

WordPress ListingPro theme <= 2.9.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme ListingPro versions = 2.9.9...

5.3CVSS7AI score0.00214EPSS

EUVD•added 2025/10/07 12:30 a.m.•7 views

EUVD-2019-9159

Malware in sbrugna...

5.4CVSS5.6AI score0.00717EPSS

Exploits2References2

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2019-9158

Malware in sbrugna...

6.1CVSS6.3AI score0.00934EPSS

Exploits2References2

Patchstack•added 2025/09/12 8:58 a.m.•2 views

WordPress ListingPro theme < 2.9.10 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Theme ListingPro versions 2.9.10...

7.5CVSS7AI score0.00174EPSS

RedhatCVE•added 2025/05/22 3:35 p.m.•5 views

CVE-2020-36723

The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Sensitive Data Exposure in versions before 2.6.1 via the /listingpro-plugin/functions.php file. This makes it possible for unauthenticated attackers to extract sensitive data including usernames, full names, email...

5.3CVSS6.5AI score0.01608EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 8:36 a.m.•8 views

CVE-2019-19541

The ListingPro theme before v2.0.14.2 for WordPress has Persistent XSS via the Best Day/Night field on the new listing submit page...

5.4CVSS6AI score0.00717EPSS

RedhatCVE•added 2025/05/22 8:34 a.m.•10 views

CVE-2019-19540

The ListingPro theme before v2.0.14.2 for WordPress has Reflected XSS via the What field on the homepage...

6.1CVSS6AI score0.00934EPSS

RedhatCVE•added 2025/05/22 7:55 a.m.•6 views

CVE-2019-19542

The ListingPro theme before v2.0.14.2 for WordPress has Persistent XSS via the Good For field on the new listing submit page...

5.4CVSS6AI score0.00717EPSS

Vulnrichment•added 2025/01/02 12:56 p.m.•9 views

CVE-2024-39623 WordPress ListingPro theme <= 2.9.4 - Cross Site Request Forgery (CSRF) to Account Takeover vulnerability

Cross-Site Request Forgery CSRF vulnerability in CridioStudio ListingPro listingpro allows Authentication Bypass.This issue affects ListingPro: from n/a through = 2.9.4...

8.8CVSS5.1AI score0.00274EPSS

Cvelist•added 2025/01/02 12:56 p.m.•21 views

CVE-2024-39623 WordPress ListingPro theme <= 2.9.4 - Cross Site Request Forgery (CSRF) to Account Takeover vulnerability

Cross-Site Request Forgery CSRF vulnerability in CridioStudio ListingPro listingpro allows Authentication Bypass.This issue affects ListingPro: from n/a through = 2.9.4...

8.8CVSS0.00274EPSS

Patchstack•added 2024/07/22 1:36 p.m.•4 views

WordPress ListingPro theme <= 2.9.4 - Cross Site Request Forgery (CSRF) to Account Takeover vulnerability

Cross Site Request Forgery CSRF to Account Takeover vulnerability discovered by Rafie Muhammad Patchstack in WordPress Theme ListingPro versions = 2.9.4...

8.8CVSS6.9AI score0.00274EPSS

Patchstack•added 2024/07/22 1:32 p.m.•2 views

WordPress ListingPro theme <= 2.9.4 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by Rafie Muhammad Patchstack in WordPress Theme ListingPro versions = 2.9.4...

9.8CVSS8.1AI score0.00462EPSS

CNNVD•added 2023/06/07 12:0 a.m.•3 views

WordPress Theme ListingPro - WordPress Directory & Listing 安全漏洞

WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports personal blog sites on servers running PHP and MySQL.WordPress theme is a theme for WordPress. WordPress Theme ListingPro - A security vulnerability exists in WordPress Directory & Listing version...

5.3CVSS5.7AI score0.01608EPSS

Exploits1References4

CNVD•added 2019/12/27 12:0 a.m.•5 views

WordPress ListingPro theme cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.ListingPro theme is a directory website theme plugin used in it. A cross-site scripting vulnerability exists in WordPress...

5.4CVSS6.2AI score0.00717EPSS

CNVD•added 2019/12/27 12:0 a.m.•4 views

WordPress ListingPro theme cross-site scripting vulnerability (CNVD-2020-01190)

5.4CVSS6.2AI score0.00717EPSS