Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
CridioListingpro*

12 matches found

CVE
CVEadded 2019/12/26 3:15 p.m.65 views

CVE-2019-19540

The ListingPro theme before v2.0.14.2 for WordPress has Reflected XSS via the What field on the homepage.

6.1CVSS6AI score0.0019EPSS
CVE
CVEadded 2019/12/26 3:15 p.m.59 views

CVE-2019-19542

The ListingPro theme before v2.0.14.2 for WordPress has Persistent XSS via the Good For field on the new listing submit page.

5.4CVSS5.3AI score0.00162EPSS
CVE
CVEadded 2019/12/26 3:15 p.m.56 views

CVE-2019-19541

The ListingPro theme before v2.0.14.2 for WordPress has Persistent XSS via the Best Day/Night field on the new listing submit page.

5.4CVSS5.3AI score0.00162EPSS
CVE
CVEadded 2024/08/01 9:15 p.m.48 views

CVE-2024-39619

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in CridioStudio ListingPro allows PHP Local File Inclusion.This issue affects ListingPro: from n/a through 2.9.3.

9.8CVSS9.2AI score0.00452EPSS
CVE
CVEadded 2024/08/29 3:15 p.m.45 views

CVE-2024-39620

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CridioStudio ListingPro allows SQL Injection.This issue affects ListingPro: from n/a through 2.9.4.

8.8CVSS9AI score0.00346EPSS
CVE
CVEadded 2024/08/29 3:15 p.m.43 views

CVE-2024-38795

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CridioStudio ListingPro allows SQL Injection.This issue affects ListingPro: from n/a through 2.9.4.

9.8CVSS9.7AI score0.00571EPSS
CVE
CVEadded 2024/08/29 3:15 p.m.43 views

CVE-2024-39622

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CridioStudio ListingPro.This issue affects ListingPro: from n/a through 2.9.4.

9.8CVSS9.7AI score0.00255EPSS
CVE
CVEadded 2024/08/01 9:15 p.m.43 views

CVE-2024-39624

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in CridioStudio ListingPro allows PHP Local File Inclusion.This issue affects ListingPro: from n/a through 2.9.3.

8.8CVSS8.5AI score0.0044EPSS
CVE
CVEadded 2025/01/02 1:15 p.m.42 views

CVE-2024-39623

Cross-Site Request Forgery (CSRF) vulnerability in CridioStudio ListingPro allows Authentication Bypass.This issue affects ListingPro: from n/a through 2.9.4.

8.8CVSS8.8AI score0.00124EPSS
CVE
CVEadded 2024/08/01 9:15 p.m.38 views

CVE-2024-39621

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in CridioStudio ListingPro allows PHP Local File Inclusion.This issue affects ListingPro: from n/a through 2.9.3.

8CVSS8.1AI score0.00428EPSS
CVE
CVEadded 2023/06/07 2:15 a.m.32 views

CVE-2020-36719

The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Arbitrary Plugin Installation, Activation and Deactivation in versions before 2.6.1. This is due to a missing capability check on the lp_cc_addons_actions function. This makes it possible for unauthenticated attacke...

9.8CVSS9.1AI score0.00866EPSS
CVE
CVEadded 2023/06/07 2:15 a.m.26 views

CVE-2020-36723

The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Sensitive Data Exposure in versions before 2.6.1 via the ~/listingpro-plugin/functions.php file. This makes it possible for unauthenticated attackers to extract sensitive data including usernames, full names, email ...

5.3CVSS5AI score0.00271EPSS