Listingpro Security Vulnerabilities and Issues — Listingpro CVE List

Lucene search

CridioListingpro

4 matches found

CVE•added 2024/08/01 9:15 p.m.•48 views

CVE-2024-39619

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in CridioStudio ListingPro allows PHP Local File Inclusion.This issue affects ListingPro: from n/a through 2.9.3.

9.8CVSS9.2AI score0.00452EPSS

CVE•added 2024/08/29 3:15 p.m.•43 views

CVE-2024-38795

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CridioStudio ListingPro allows SQL Injection.This issue affects ListingPro: from n/a through 2.9.4.

9.8CVSS9.7AI score0.00571EPSS

CVE•added 2024/08/29 3:15 p.m.•43 views

CVE-2024-39622

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CridioStudio ListingPro.This issue affects ListingPro: from n/a through 2.9.4.

9.8CVSS9.7AI score0.00255EPSS

CVE•added 2023/06/07 2:15 a.m.•32 views

CVE-2020-36719

The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Arbitrary Plugin Installation, Activation and Deactivation in versions before 2.6.1. This is due to a missing capability check on the lp_cc_addons_actions function. This makes it possible for unauthenticated attacke...

9.8CVSS9.1AI score0.00866EPSS