Vulnerabilities > Cridio > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-08-29 CVE-2024-38795 SQL Injection vulnerability in Cridio Listingpro
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CridioStudio ListingPro allows SQL Injection.This issue affects ListingPro: from n/a through 2.9.4.
network
low complexity
cridio CWE-89
critical
 9.8
9.8
2024-08-29 CVE-2024-39622 SQL Injection vulnerability in Cridio Listingpro
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CridioStudio ListingPro.This issue affects ListingPro: from n/a through 2.9.4.
network
low complexity
cridio CWE-89
critical
 9.8
9.8
2023-06-07 CVE-2020-36719 Missing Authorization vulnerability in Cridio Listingpro
The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Arbitrary Plugin Installation, Activation and Deactivation in versions before 2.6.1.
network
low complexity
cridio CWE-862
critical
 9.8
9.8