RSS   Podatności dla 'Easy listing directories'   RSS

2021-05-06
 
CVE-2021-24248

CWE-434
 

 
The Business Directory Plugin ??�??�?? Easy Listing Directories for WordPress WordPress plugin before 5.11.1 did not properly check for imported files, forbidding certain extension via a blacklist approach, allowing administrator to import an archive with a .php4 inside for example, leading to RCE

 
 
CVE-2021-24251

CWE-352
 

 
The Business Directory Plugin ??�??�?? Easy Listing Directories for WordPress WordPress plugin before 5.11.2 suffered from a Cross-Site Request Forgery issue, allowing an attacker to make a logged in administrator update arbitrary payment history, such as change their status (from pending to completed to example)

 
 
CVE-2021-24249

CWE-352
 

 
The Business Directory Plugin ??�??�?? Easy Listing Directories for WordPress WordPress plugin before 5.11.2 suffered from a Cross-Site Request Forgery issue, allowing an attacker to make a logged in administrator export files, which could then be downloaded by the attacker to get access to PII, such as email, home addresses etc

 

 >>> Vendor: Strategy11 3 Produkty
Easy listing directories
Business directory plugin - easy listing directories
Formidable form builder


Copyright 2024, cxsecurity.com

 

Back to Top