Lucene search
K

6 matches found

NVD
NVD
added 2025/02/13 1:15 p.m.7 views

CVE-2024-13182

The WP Directorybox Manager plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 2.5. This is due to incorrect authentication in the 'wpdpparserequest' function. This makes it possible for unauthenticated attackers to log in as any existing user on the...

9.8CVSS0.00586EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/02/13 12:41 p.m.6 views

CVE-2024-13182 WP Directorybox Manager <= 2.5 - Authentication Bypass

The WP Directorybox Manager plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 2.5. This is due to incorrect authentication in the 'wpdpparserequest' function. This makes it possible for unauthenticated attackers to log in as any existing user on the...

9.8CVSS7.1AI score0.00586EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/10 10:26 p.m.11 views

CVE-2025-0316

The WP Directorybox Manager plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.5. This is due to incorrect authentication in the 'wpdpenquiryagentcontactformsubmitcallback' function. This makes it possible for unauthenticated attackers to log in as any...

9.8CVSS7.1AI score0.00691EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2025/02/08 9:20 p.m.9 views

CVE-2025-0316 WP Directorybox Manager <= 2.5 - Authentication Bypass

The WP Directorybox Manager plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.5. This is due to incorrect authentication in the 'wpdpenquiryagentcontactformsubmitcallback' function. This makes it possible for unauthenticated attackers to log in as any...

9.8CVSS9.7AI score0.00691EPSS
Exploits2References2
CVE
CVE
added 2025/02/08 9:20 p.m.112 views

CVE-2025-0316

CVE-2025-0316 affects the WordPress plugin WP Directorybox Manager (versions &lt;= 2.5). Affected component: authentication logic in wp_dp_enquiry_agent_contact_form_submit_callback leads to an authentication bypass, allowing unauthenticated users who know a username to log in as that user (e.g.,...

9.8CVSS9.6AI score0.00691EPSS
Exploits2References2
Cvelist
Cvelist
added 2025/02/08 9:20 p.m.24 views

CVE-2025-0316 WP Directorybox Manager <= 2.5 - Authentication Bypass

The WP Directorybox Manager plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.5. This is due to incorrect authentication in the 'wpdpenquiryagentcontactformsubmitcallback' function. This makes it possible for unauthenticated attackers to log in as any...

9.8CVSS0.00691EPSS
Exploits2References2
Rows per page
Query Builder