Vulnerabilities > Webcodingplace > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-20 | CVE-2024-13748 | Cross-site Scripting vulnerability in Webcodingplace Ultimate Classified Listings The Ultimate Classified Listings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Title parameter in all versions up to, and including, 1.4 due to insufficient input sanitization and output escaping. | 4.8 |
| 2024-01-03 | CVE-2024-0201 | Missing Authorization vulnerability in Webcodingplace Product Expiry for Woocommerce The Product Expiry for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'save_settings' function in versions up to, and including, 2.5. | 4.3 |
| 2023-08-09 | CVE-2023-4239 | Unspecified vulnerability in Webcodingplace Real Estate Manager The Real Estate Manager plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 6.7.1 due to insufficient restriction on the 'rem_save_profile_front' function. | 6.5 |