Business Directory Plugin - Easy Listing Directories Security Vulnerabilities and Issues — Business Directory Plugin - Easy Listing Directories CVE List

Lucene search

Strategy11Business Directory Plugin - Easy Listing Directories

6 matches found

CVE•added 2021/05/06 1:15 p.m.•35 views

CVE-2021-24178

The Business Directory Plugin – Easy Listing Directories for WordPress WordPress plugin before 5.11.1 suffered from Cross-Site Request Forgery issues, allowing an attacker to make a logged in administrator add, edit or delete form fields, which could also lead to Stored Cross-Site Scripting issues.

8.8CVSS8.1AI score0.00202EPSS

CVE•added 2021/05/06 1:15 p.m.•35 views

CVE-2021-24249

The Business Directory Plugin – Easy Listing Directories for WordPress WordPress plugin before 5.11.2 suffered from a Cross-Site Request Forgery issue, allowing an attacker to make a logged in administrator export files, which could then be downloaded by the attacker to get access to PII, such as e...

6.5CVSS6.4AI score0.00121EPSS

CVE•added 2021/05/06 1:15 p.m.•35 views

CVE-2021-24250

The Business Directory Plugin – Easy Listing Directories for WordPress WordPress plugin before 5.11.2 suffered from lack of sanitisation in the label of the Form Fields, leading to Authenticated Stored Cross-Site Scripting issues across various pages of the plugin.

5.4CVSS5.3AI score0.00188EPSS

CVE•added 2021/05/06 1:15 p.m.•34 views

CVE-2021-24251

The Business Directory Plugin – Easy Listing Directories for WordPress WordPress plugin before 5.11.2 suffered from a Cross-Site Request Forgery issue, allowing an attacker to make a logged in administrator update arbitrary payment history, such as change their status (from pending to completed to ...

4.3CVSS4.6AI score0.00142EPSS

CVE•added 2021/05/06 1:15 p.m.•32 views

CVE-2021-24248

The Business Directory Plugin – Easy Listing Directories for WordPress WordPress plugin before 5.11.1 did not properly check for imported files, forbidding certain extension via a blacklist approach, allowing administrator to import an archive with a .php4 inside for example, leading to RCE

7.2CVSS6.9AI score0.00875EPSS

CVE•added 2021/05/06 1:15 p.m.•31 views

CVE-2021-24179

The Business Directory Plugin – Easy Listing Directories for WordPress WordPress plugin before 5.11 suffered from a Cross-Site Request Forgery issue, allowing an attacker to make a logged in administrator import files. As the plugin also did not validate uploaded files, it could lead to RCE.

8.8CVSS8.7AI score0.00202EPSS