222 matches found
CVE-2026-28078
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Stylemix uListing ulisting allows Path Traversal.This issue affects uListing: from n/a through = 2.2.0...
EUVD-2026-9736
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Stylemix uListing ulisting allows Path Traversal.This issue affects uListing: from n/a through = 2.2.0...
CVE-2026-28078
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Stylemix uListing ulisting allows Path Traversal.This issue affects uListing: from n/a through = 2.2.0...
CVE-2026-28078 WordPress uListing plugin <= 2.2.0 - Arbitrary File Download vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Stylemix uListing ulisting allows Path Traversal.This issue affects uListing: from n/a through = 2.2.0...
CVE-2026-28078
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Stylemix uListing ulisting allows Path Traversal.This issue affects uListing: from n/a through = 2.2.0...
CVE-2026-28078 WordPress uListing plugin <= 2.2.0 - Arbitrary File Download vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Stylemix uListing ulisting allows Path Traversal.This issue affects uListing: from n/a through = 2.2.0...
CVE-2026-28078
CVE-2026-28078 describes an Improper Pathname Limitation (Path Traversal) in the WordPress plugin uListing (Stylemix uListing, listing component) that allows arbitrary file download. Affected: uListing versions from unspecified earlier up to and including 2.2.0. The initial description and Red Ha...
WordPress plugin uListing 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
PT-2026-23356
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Stylemix uListing ulisting allows Path Traversal.This issue affects uListing: from n/a through = 2.2.0...
CVE-2026-28138
Deserialization of Untrusted Data vulnerability in Stylemix uListing ulisting allows Object Injection.This issue affects uListing: from n/a through = 2.2.0...
WordPress uListing plugin <= 2.2.0 - Arbitrary File Download vulnerability
Arbitrary File Download vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin uListing versions = 2.2.0...
EUVD-2026-8847
Deserialization of Untrusted Data vulnerability in Stylemix uListing ulisting allows Object Injection.This issue affects uListing: from n/a through = 2.2.0...
CVE-2026-28138
Deserialization of Untrusted Data vulnerability in Stylemix uListing ulisting allows Object Injection.This issue affects uListing: from n/a through = 2.2.0...
CVE-2026-28138
CVE-2026-28138 affects WordPress plugin uListing: versions through 2.2.0. The vulnerability is PHP object injection via deserialization of untrusted data in uListing (undisclosed root cause in provided docs). Impact is indicated as high in CVSS 3.1: high confidentiality, integrity, availability i...
CVE-2026-28138 WordPress uListing plugin <= 2.2.0 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Stylemix uListing ulisting allows Object Injection.This issue affects uListing: from n/a through = 2.2.0...
CVE-2026-28138
Deserialization of Untrusted Data vulnerability in Stylemix uListing ulisting allows Object Injection.This issue affects uListing: from n/a through = 2.2.0...
CVE-2026-28138 WordPress uListing plugin <= 2.2.0 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Stylemix uListing ulisting allows Object Injection.This issue affects uListing: from n/a through = 2.2.0...
PT-2026-22136
Name of the Vulnerable Software and Affected Versions Stylemix uListing versions through 2.2.0 Description The software contains a flaw due to deserialization of untrusted data, which allows for object injection. This issue impacts the uListing component. Recommendations Versions prior to and...
WordPress plugin uListing 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
WordPress Directory Listings WordPress plugin - uListing plugin <= 2.2.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Meta Update and PHP Object Injection vulnerability
WordPress Directory Listings WordPress plugin - uListing plugin = 2.2.0 - Missing Authorization to Authenticated Subscriber+ Arbitrary Post Meta Update and PHP Object Injection vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin uListing versions = 2.2.0...