Lucene search
K

15 matches found

Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.14 views

PT-2026-49404

Subscriber Arbitrary File Upload in WP-BusinessDirectory = 4.0.0 versions...

9.9CVSS5.2AI score0.00465EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/18 12:0 a.m.8 views

WordPress plugin Business Directory Plugin 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

5.3CVSS5.9AI score0.0032EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/09 9:0 a.m.5 views

CVE-2023-50845

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AyeCode - WordPress Business Directory Plugins GeoDirectory – WordPress Business Directory Plugin, or Classified Directory.This issue affects GeoDirectory – WordPress Business Directory Plugin, or...

7.6CVSS7.8AI score0.00545EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/08 9:17 a.m.29 views

CVE-2025-68887 WordPress WP-BusinessDirectory plugin <= 4.0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CMSJunkie - WordPress Business Directory Plugins WP-BusinessDirectory wp-businessdirectory allows Reflected XSS.This issue affects WP-BusinessDirectory: from n/a through = 4.0.1...

7.1CVSS0.00194EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/16 8:12 a.m.3 views

CVE-2025-64630 WordPress Business Directory plugin <= 6.4.19 - Broken Access Control vulnerability

Missing Authorization vulnerability in Strategy11 Team Business Directory business-directory-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Business Directory: from n/a through = 6.4.19...

4.9CVSS6.6AI score0.00287EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/16 8:12 a.m.28 views

CVE-2025-64630 WordPress Business Directory plugin <= 6.4.19 - Broken Access Control vulnerability

Missing Authorization vulnerability in Strategy11 Team Business Directory business-directory-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Business Directory: from n/a through = 6.4.19...

4.9CVSS0.00287EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/09 2:14 p.m.3 views

CVE-2025-67596 WordPress Business Directory plugin <= 6.4.19 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Strategy11 Team Business Directory business-directory-plugin allows Cross Site Request Forgery.This issue affects Business Directory: from n/a through = 6.4.19...

4.3CVSS6.5AI score0.00098EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:13 a.m.7 views

CVE-2023-41798

Improper Neutralization of Formula Elements in a CSV File vulnerability in wpWax Directorist – WordPress Business Directory Plugin with Classified Ads Listing.This issue affects Directorist – WordPress Business Directory Plugin with Classified Ads Listings: from n/a through 7.7.1...

8.8CVSS8.5AI score0.00498EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/06/17 12:0 a.m.14 views

WordPress Business Directory Plugin Plugin <= 6.4.3 is vulnerable to CSV Injection

Software Business Directory Plugin Type Plugin Vulnerable versions = 6.4.3 Fixed in 6.4.4 OWASP Top 10 A1: Injection Classification CSV Injection CVE CVE-2023-5527 Patch priority Low CVSS severity Low 5.5 Developer Claim ownership PSID fa4533c87625 Credits Dmitrii Ignatyev Required privilege Auth...

8CVSS6.8AI score0.00492EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/05/22 12:0 a.m.19 views

WordPress Business Directory Plugin Plugin <= 6.4.2 is vulnerable to SQL Injection

Software Business Directory Plugin Type Plugin Vulnerable versions = 6.4.2 Fixed in 6.4.3 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-4443 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID e684c455bb1f Credits Krzysztof Zając Required privilege...

9.8CVSS6.7AI score0.10272EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2023/12/28 7:15 p.m.16 views

CVE-2023-50845

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AyeCode - WordPress Business Directory Plugins GeoDirectory – WordPress Business Directory Plugin, or Classified Directory.This issue affects GeoDirectory – WordPress Business Directory Plugin, or...

7.6CVSS0.00545EPSS
Exploits0References1
CVE
CVE
added 2023/11/07 5:19 p.m.91 views

CVE-2023-41798

CVE-2023-41798 is a CSV injection vulnerability affecting the Directorist – WordPress Business Directory Plugin with Classified Ads Listings, specifically versions 7.7.1 and earlier. The root cause is improper neutralization of formulas in CSV files used by the plugin. Impact involves potential d...

8.8CVSS8.5AI score0.00498EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2021/04/12 12:0 a.m.21 views

WordPress Business Directory Plugin <= 5.11.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by 0xB9 in WordPress Business Directory Plugin versions = 5.11.1. Solution Update the WordPress Business Directory Plugin to the latest available version at least 5.11.2...

5.4CVSS2.1AI score0.00645EPSS
Exploits2References2Affected Software1
Patchstack
Patchstack
added 2021/04/12 12:0 a.m.16 views

WordPress Business Directory Plugin <= 5.11.1 - Arbitrary Listing Export vulnerability

Arbitrary Listing Export vulnerability discovered by 0xB9 in WordPress Business Directory Plugin versions = 5.11.1. Solution Update the WordPress Business Directory Plugin to the latest available version at least 5.11.2...

6.5CVSS3.2AI score0.00708EPSS
Exploits2References2Affected Software1
Patchstack
Patchstack
added 2021/04/11 12:0 a.m.13 views

WordPress Business Directory Plugin <= 5.10.1 - Arbitrary File Upload vulnerability leading to Remote Code Execution (RCE)

Arbitrary File Upload vulnerability leading to Remote Code Execution RCE discovered by 0xB9 in WordPress Business Directory Plugin versions = 5.10.1. Solution Update the WordPress Business Directory Plugin to the latest available version at least 5.11...

8.8CVSS4.8AI score0.00672EPSS
Exploits2References2Affected Software1
Rows per page
Query Builder