Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ulisting
(Stylemixthemes)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 16 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-09-27 | CVE-2021-36875 | Cross-site Scripting (XSS) vulnerability in Stylemix Directory Listings WordPress plugin – uListing allows Reflected XSS.This issue affects Directory Listings WordPress plugin – uListing: from n/a through 2.0.5. | Ulisting | 4.8 | ||
| 2021-09-27 | CVE-2021-36878 | Cross-Site Request Forgery (CSRF) vulnerability in WordPress uListing plugin (versions <= 2.0.5) makes it possible for attackers to update settings. | Ulisting | 4.3 | ||
| 2021-09-27 | CVE-2021-36874 | Authenticated Insecure Direct Object References (IDOR) vulnerability in WordPress uListing plugin (versions <= 2.0.5). | Ulisting | 8.8 | ||
| 2021-09-27 | CVE-2021-36876 | Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in WordPress uListing plugin (versions <= 2.0.5) as it lacks CSRF checks on plugin administration pages. | Ulisting | 8.8 | ||
| 2021-09-27 | CVE-2021-36877 | Cross-Site Request Forgery (CSRF) vulnerability in WordPress uListing plugin (versions <= 2.0.5) makes it possible for attackers to modify user roles. | Ulisting | 6.5 | ||
| 2021-09-27 | CVE-2021-36879 | Unauthenticated Privilege Escalation vulnerability in WordPress uListing plugin (versions <= 2.0.5). Possible if WordPress configuration allows user registration. | Ulisting | 9.8 |