Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2024-07-21	CVE-2024-37487	Cross-site Scripting vulnerability in Wpdirectorykit WP Directory KIT Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in wpdirectorykit.Com WP Directory Kit allows Reflected XSS.This issue affects WP Directory Kit: from n/a through 1.3.5. network low complexity wpdirectorykit CWE-79	6.1
2023-12-29	CVE-2023-31229	Open Redirect vulnerability in Wpdirectorykit WP Directory KIT URL Redirection to Untrusted Site ('Open Redirect') vulnerability in WP Directory Kit.This issue affects WP Directory Kit: from n/a through 1.1.9. network low complexity wpdirectorykit CWE-601	6.1
2023-06-13	CVE-2023-2277	Unspecified vulnerability in Wpdirectorykit WP Directory KIT The WP Directory Kit plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.9. network low complexity wpdirectorykit	4.7
2023-06-13	CVE-2023-2351	Unspecified vulnerability in Wpdirectorykit WP Directory KIT The WP Directory Kit plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'ajax_admin' function in versions up to, and including, 1.2.3. network low complexity wpdirectorykit	4.3
2023-06-09	CVE-2023-2280	Unspecified vulnerability in Wpdirectorykit WP Directory KIT The WP Directory Kit plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'ajax_public' function in versions up to, and including, 1.2.2. network low complexity wpdirectorykit	5.3
2023-06-02	CVE-2023-2835	Cross-site Scripting vulnerability in Wpdirectorykit WP Directory KIT The WP Directory Kit plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'search' parameter in versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping. network low complexity wpdirectorykit CWE-79	6.1