Connections Business Directory Security Vulnerabilities and Issues — Connections Business Directory CVE List

Lucene search

Connections-proConnections Business Directory

3 matches found

CVE•added 2023/06/26 1:15 p.m.•31 views

CVE-2023-29437

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Steven A. Zahm Connections Business Directory plugin

6.5CVSS5.4AI score0.00085EPSS

CVE•added 2021/11/01 9:15 a.m.•30 views

CVE-2021-24794

The Connections Business Directory WordPress plugin before 10.4.3 does not escape the Address settings when creating an Entry, which could allow high privilege users to perform Cross-Site Scripting when the unfiltered_html capability is disallowed.

4.8CVSS4.7AI score0.00287EPSS

CVE•added 2021/11/01 9:15 a.m.•28 views

CVE-2020-36503

The Connections Business Directory WordPress plugin before 9.7 does not validate or sanitise some connections' fields, which could lead to a CSV injection issue

8CVSS8AI score0.01275EPSS