15 matches found
PT-2026-49404
Subscriber Arbitrary File Upload in WP-BusinessDirectory = 4.0.0 versions...
WordPress plugin Business Directory Plugin 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
CVE-2023-50845
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AyeCode - WordPress Business Directory Plugins GeoDirectory – WordPress Business Directory Plugin, or Classified Directory.This issue affects GeoDirectory – WordPress Business Directory Plugin, or...
CVE-2025-68887 WordPress WP-BusinessDirectory plugin <= 4.0.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CMSJunkie - WordPress Business Directory Plugins WP-BusinessDirectory wp-businessdirectory allows Reflected XSS.This issue affects WP-BusinessDirectory: from n/a through = 4.0.1...
CVE-2025-64630 WordPress Business Directory plugin <= 6.4.19 - Broken Access Control vulnerability
Missing Authorization vulnerability in Strategy11 Team Business Directory business-directory-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Business Directory: from n/a through = 6.4.19...
CVE-2025-64630 WordPress Business Directory plugin <= 6.4.19 - Broken Access Control vulnerability
Missing Authorization vulnerability in Strategy11 Team Business Directory business-directory-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Business Directory: from n/a through = 6.4.19...
CVE-2025-67596 WordPress Business Directory plugin <= 6.4.19 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Strategy11 Team Business Directory business-directory-plugin allows Cross Site Request Forgery.This issue affects Business Directory: from n/a through = 6.4.19...
CVE-2023-41798
Improper Neutralization of Formula Elements in a CSV File vulnerability in wpWax Directorist – WordPress Business Directory Plugin with Classified Ads Listing.This issue affects Directorist – WordPress Business Directory Plugin with Classified Ads Listings: from n/a through 7.7.1...
WordPress Business Directory Plugin Plugin <= 6.4.3 is vulnerable to CSV Injection
Software Business Directory Plugin Type Plugin Vulnerable versions = 6.4.3 Fixed in 6.4.4 OWASP Top 10 A1: Injection Classification CSV Injection CVE CVE-2023-5527 Patch priority Low CVSS severity Low 5.5 Developer Claim ownership PSID fa4533c87625 Credits Dmitrii Ignatyev Required privilege Auth...
WordPress Business Directory Plugin Plugin <= 6.4.2 is vulnerable to SQL Injection
Software Business Directory Plugin Type Plugin Vulnerable versions = 6.4.2 Fixed in 6.4.3 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-4443 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID e684c455bb1f Credits Krzysztof Zając Required privilege...
CVE-2023-50845
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AyeCode - WordPress Business Directory Plugins GeoDirectory – WordPress Business Directory Plugin, or Classified Directory.This issue affects GeoDirectory – WordPress Business Directory Plugin, or...
CVE-2023-41798
CVE-2023-41798 is a CSV injection vulnerability affecting the Directorist – WordPress Business Directory Plugin with Classified Ads Listings, specifically versions 7.7.1 and earlier. The root cause is improper neutralization of formulas in CSV files used by the plugin. Impact involves potential d...
WordPress Business Directory Plugin <= 5.11.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by 0xB9 in WordPress Business Directory Plugin versions = 5.11.1. Solution Update the WordPress Business Directory Plugin to the latest available version at least 5.11.2...
WordPress Business Directory Plugin <= 5.11.1 - Arbitrary Listing Export vulnerability
Arbitrary Listing Export vulnerability discovered by 0xB9 in WordPress Business Directory Plugin versions = 5.11.1. Solution Update the WordPress Business Directory Plugin to the latest available version at least 5.11.2...
WordPress Business Directory Plugin <= 5.10.1 - Arbitrary File Upload vulnerability leading to Remote Code Execution (RCE)
Arbitrary File Upload vulnerability leading to Remote Code Execution RCE discovered by 0xB9 in WordPress Business Directory Plugin versions = 5.10.1. Solution Update the WordPress Business Directory Plugin to the latest available version at least 5.11...