Vulnerabilities > Wpdirectorykit

DATE CVE VULNERABILITY TITLE RISK
2024-07-21 CVE-2024-37487 Cross-site Scripting vulnerability in Wpdirectorykit WP Directory KIT
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in wpdirectorykit.Com WP Directory Kit allows Reflected XSS.This issue affects WP Directory Kit: from n/a through 1.3.5.
network
low complexity
wpdirectorykit CWE-79
6.1
2023-12-29 CVE-2023-31229 Open Redirect vulnerability in Wpdirectorykit WP Directory KIT
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in WP Directory Kit.This issue affects WP Directory Kit: from n/a through 1.1.9.
network
low complexity
wpdirectorykit CWE-601
6.1
2023-06-13 CVE-2023-2277 Unspecified vulnerability in Wpdirectorykit WP Directory KIT
The WP Directory Kit plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.9.
network
low complexity
wpdirectorykit
4.7
2023-06-13 CVE-2023-2278 Unspecified vulnerability in Wpdirectorykit WP Directory KIT
The WP Directory Kit plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 1.1.9 via the 'wdk_public_action' function.
network
low complexity
wpdirectorykit
critical
9.8
2023-06-13 CVE-2023-2351 Unspecified vulnerability in Wpdirectorykit WP Directory KIT
The WP Directory Kit plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'ajax_admin' function in versions up to, and including, 1.2.3.
network
low complexity
wpdirectorykit
4.3
2023-06-09 CVE-2023-2280 Unspecified vulnerability in Wpdirectorykit WP Directory KIT
The WP Directory Kit plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'ajax_public' function in versions up to, and including, 1.2.2.
network
low complexity
wpdirectorykit
5.3
2023-06-02 CVE-2023-2835 Cross-site Scripting vulnerability in Wpdirectorykit WP Directory KIT
The WP Directory Kit plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'search' parameter in versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping.
network
low complexity
wpdirectorykit CWE-79
6.1