Classified Listing Security Vulnerabilities and Issues — Classified Listing CVE List

Lucene search

RadiusthemeClassified Listing

9 matches found

CVE•added 2025/02/25 7:15 a.m.•87 views

CVE-2025-1063

The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.0.4 via the rtcl_taxonomy_settings_export function. This makes it possible for unauthenticated attackers to extract sensit...

5.3CVSS6.8AI score0.00041EPSS

CVE•added 2024/04/25 8:15 a.m.•73 views

CVE-2024-3893

The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the rtcl_fb_gallery_image_delete AJAX action in all versions up to, and including, 3.0.10.3. This makes it possible for authentica...

5.3CVSS6.4AI score0.00081EPSS

CVE•added 2022/09/16 9:15 a.m.•51 views

CVE-2022-2655

The Classified Listing Pro WordPress plugin before 2.0.20 does not escape a generated URL before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting

6.1CVSS6.1AI score0.00293EPSS

CVE•added 2022/09/16 9:15 a.m.•49 views

CVE-2022-2654

The Classima WordPress theme before 2.1.11 and some of its required plugins (Classified Listing before 2.2.14, Classified Listing Pro before 2.0.20, Classified Listing Store & Membership before 1.4.20 and Classima Core before 1.10) do not escape a parameter before outputting it back in attributes, ...

6.1CVSS6.1AI score0.0023EPSS

CVE•added 2023/07/18 1:15 p.m.•40 views

CVE-2023-37387

Cross-Site Request Forgery (CSRF) vulnerability in RadiusTheme Classified Listing plugin

8.8CVSS7AI score0.00051EPSS

CVE•added 2024/04/09 7:15 p.m.•40 views

CVE-2024-1315

The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.4. This is due to missing or incorrect nonce validation on the 'rtcl_update_user_account' function. This makes it possible f...

8.8CVSS9AI score0.00434EPSS

CVE•added 2024/04/09 7:15 p.m.•35 views

CVE-2024-1352

The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized access & modification of data due to a missing capability check on the rtcl_import_location() rtcl_import_category() functions in all versions up to, and including, 3.0.4. This mak...

6.5CVSS8.9AI score0.00278EPSS

CVE•added 2025/04/17 4:15 p.m.•34 views

CVE-2025-24745

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RadiusTheme Classified Listing allows Reflected XSS. This issue affects Classified Listing: from n/a through 4.0.1.

7.1CVSS6.9AI score0.00045EPSS

CVE•added 2025/06/20 3:15 p.m.•6 views

CVE-2025-52715

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in RadiusTheme Classified Listing allows PHP Local File Inclusion. This issue affects Classified Listing: from n/a through 4.2.0.

7.5CVSS7.7AI score0.00147EPSS