Geodirectory Security Vulnerabilities and Issues — Geodirectory CVE List

Lucene search

AyecodeGeodirectory

4 matches found

CVE•added 2024/04/23 10:15 a.m.•53 views

CVE-2024-3732

The GeoDirectory – WordPress Business Directory Plugin, or Classified Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gd_single_tabs' shortcode in all versions up to, and including, 2.3.48 due to insufficient input sanitization and output escaping on us...

6.4CVSS5.8AI score0.0008EPSS

CVE•added 2024/08/18 10:15 p.m.•41 views

CVE-2024-43145

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AyeCode Ltd GeoDirectory.This issue affects GeoDirectory: from n/a through 2.3.61.

8.8CVSS8.9AI score0.00555EPSS

CVE•added 2024/10/28 7:15 p.m.•41 views

CVE-2024-50437

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AyeCode GeoDirectory allows Stored XSS.This issue affects GeoDirectory: from n/a through 2.3.80.

6.5CVSS6.7AI score0.0005EPSS

CVE•added 2024/11/01 3:15 p.m.•39 views

CVE-2024-43981

Missing Authorization vulnerability in AyeCode – WP Business Directory Plugins GeoDirectory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GeoDirectory: from n/a through 2.3.70.

8.8CVSS5.7AI score0.0014EPSS