Lucene search
+L

8 matches found

CVE
CVE
added 2019/12/26 2:33 p.m.85 views

CVE-2019-19540

CVE-2019-19540 affects the ListingPro WordPress Directory Theme prior to v2.0.14.2. The vulnerability is a Reflected XSS via the “What” field on the homepage, arising from insufficient input validation. The impact is documentable as a cross-site scripting flaw, with multiple sources confirming th...

6.1CVSS6AI score0.00934EPSS
CVE
CVE
added 2019/12/26 2:33 p.m.77 views

CVE-2019-19542

CVE-2019-19542 affects the ListingPro WordPress Directory Theme prior to v2.0.14.2, where a Persistent XSS vulnerability exists via the Good For field on the new listing submit page. Multiple sources (NVD, Red Hat, CNVD/WPVulndb, CVE.org) confirm a stored/reflected cross-site scripting flaw in Li...

5.4CVSS5.3AI score0.00717EPSS
CVE
CVE
added 2019/12/26 2:33 p.m.72 views

CVE-2019-19541

CVE-2019-19541 affects the ListingPro WordPress Directory Theme prior to v2.0.14.2, exposing a persistent XSS vulnerability via the Best Day/Night field on the new listing submit page. Public details in connected records describe the vulnerable input fields and the exploit path, including known P...

5.4CVSS5.3AI score0.00717EPSS
Web
CVE
CVE
added 2024/08/01 8:44 p.m.68 views

CVE-2024-39619

CVE-2024-39619 is a Path Traversal vulnerability in ListingPro (WordPress plugin/theme project) that allows PHP Local File Inclusion. Affected: ListingPro listing plugin versions up to 2.9.3 (and related listings in patch sources). Root cause per sources: improper limitation of a pathname to a re...

9.8CVSS5.9AI score0.00553EPSS
CVE
CVE
added 2025/01/02 12:56 p.m.65 views

CVE-2024-39623

CVE-2024-39623 is a CSRF-to-authentication-bypass/vulnerability affecting the ListingPro WordPress theme (ListingPro:

8.8CVSS5.9AI score0.00279EPSS
CVE
CVE
added 2024/08/01 8:40 p.m.64 views

CVE-2024-39624

CVE-2024-39624: WordPress ListingPro Listing Theme

8.8CVSS5.9AI score0.00525EPSS
CVE
CVE
added 2024/08/01 8:42 p.m.56 views

CVE-2024-39621

CVE-2024-39621 describes a path traversal vulnerability in ListingPro (WordPress plugin) that allows PHP local file inclusion in versions up to 2.9.3. Multiple connected sources confirm the issue originates from improper pathname limitation, enabling access to restricted directories and potential...

8CVSS5.9AI score0.00521EPSS
CVE
CVE
added 2023/06/07 1:51 a.m.44 views

CVE-2020-36723

CVE-2020-36723 affects ListingPro — WordPress Directory & Listing Theme. Versions prior to 2.6.1 are vulnerable to sensitive data exposure via the ~/listingpro-plugin/functions.php file, allowing unauthenticated attackers to extract usernames, full names, email addresses, phone numbers, physical ...

5.3CVSS5AI score0.01608EPSS
In wild