Ulisting Security Vulnerabilities and Issues — Ulisting CVE List

Lucene search

StylemixthemesUlisting

3 matches found

CVE•added 2025/03/15 3:15 a.m.•58 views

CVE-2025-1653

The Directory Listings WordPress plugin – uListing plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.1.7. This is due to the stm_listing_profile_edit AJAX action not having enough restriction on the user meta that can be updated. This makes it possib...

8.8CVSS8.5AI score0.00025EPSS

CVE•added 2025/03/15 3:15 a.m.•50 views

CVE-2025-1657

The Directory Listings WordPress plugin – uListing plugin for WordPress is vulnerable to unauthorized modification of data and PHP Object Injection due to a missing capability check on the stm_listing_ajax AJAX action in all versions up to, and including, 2.1.7. This makes it possible for authentic...

8.8CVSS8.6AI score0.00074EPSS

CVE•added 2025/02/07 10:15 a.m.•41 views

CVE-2025-25151

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in StylemixThemes uListing allows SQL Injection. This issue affects uListing: from n/a through 2.1.6.

8.5CVSS7.7AI score0.00056EPSS