Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
AyecodeGeodirectory*

9 matches found

CVE
CVEadded 2023/12/28 7:15 p.m.66 views

CVE-2023-50845

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AyeCode - WordPress Business Directory Plugins GeoDirectory – WordPress Business Directory Plugin, or Classified Directory.This issue affects GeoDirectory – WordPress Business Directory Plugin, or ...

7.6CVSS7.7AI score0.00291EPSS
CVE
CVEadded 2024/04/23 10:15 a.m.54 views

CVE-2024-3732

The GeoDirectory – WordPress Business Directory Plugin, or Classified Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gd_single_tabs' shortcode in all versions up to, and including, 2.3.48 due to insufficient input sanitization and output escaping on us...

6.4CVSS5.8AI score0.00109EPSS
CVE
CVEadded 2023/01/23 3:15 p.m.52 views

CVE-2022-4775

The GeoDirectory WordPress plugin before 2.2.22 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege ...

5.4CVSS5.3AI score0.00103EPSS
CVE
CVEadded 2024/08/18 10:15 p.m.42 views

CVE-2024-43145

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AyeCode Ltd GeoDirectory.This issue affects GeoDirectory: from n/a through 2.3.61.

8.8CVSS8.9AI score0.00555EPSS
CVE
CVEadded 2024/10/28 7:15 p.m.42 views

CVE-2024-50437

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AyeCode GeoDirectory allows Stored XSS.This issue affects GeoDirectory: from n/a through 2.3.80.

6.5CVSS6.7AI score0.00064EPSS
CVE
CVEadded 2024/11/01 3:15 p.m.40 views

CVE-2024-43981

Missing Authorization vulnerability in AyeCode – WP Business Directory Plugins GeoDirectory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GeoDirectory: from n/a through 2.3.70.

8.8CVSS5.7AI score0.00179EPSS
CVE
CVEadded 2025/01/02 12:15 p.m.40 views

CVE-2024-56259

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AyeCode - WP Business Directory Plugins GeoDirectory allows Stored XSS.This issue affects GeoDirectory: from n/a through 2.3.84.

6.5CVSS6.5AI score0.00037EPSS
CVE
CVEadded 2021/10/11 11:15 a.m.37 views

CVE-2021-24720

The GeoDirectory Business Directory WordPress plugin before 2.1.1.3 was vulnerable to Authenticated Stored Cross-Site Scripting (XSS).

5.4CVSS5.2AI score0.00398EPSS
CVE
CVEadded 2025/07/11 6:15 a.m.10 views

CVE-2025-6200

The GeoDirectory WordPress plugin before 2.8.120 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

5.9CVSS5.7AI score0.00046EPSS