Vulnerabilities > Wpdirectorykit > WP Directory KIT > 1.0.2

DATE CVE VULNERABILITY TITLE RISK
2023-12-29 CVE-2023-31229 Open Redirect vulnerability in Wpdirectorykit WP Directory KIT
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in WP Directory Kit.This issue affects WP Directory Kit: from n/a through 1.1.9.
network
low complexity
wpdirectorykit CWE-601
6.1
6.1
2023-08-31 CVE-2023-2279 Unspecified vulnerability in Wpdirectorykit WP Directory KIT
The WP Directory Kit plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.1.
network
low complexity
wpdirectorykit
5.4
5.4
2023-06-13 CVE-2023-2277 Unspecified vulnerability in Wpdirectorykit WP Directory KIT
The WP Directory Kit plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.9.
network
low complexity
wpdirectorykit
4.7
4.7
2023-06-13 CVE-2023-2278 Unspecified vulnerability in Wpdirectorykit WP Directory KIT
The WP Directory Kit plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 1.1.9 via the 'wdk_public_action' function.
network
low complexity
wpdirectorykit
critical
 9.8
9.8
2023-06-13 CVE-2023-2351 Unspecified vulnerability in Wpdirectorykit WP Directory KIT
The WP Directory Kit plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'ajax_admin' function in versions up to, and including, 1.2.3.
network
low complexity
wpdirectorykit
4.3
4.3
2023-06-09 CVE-2023-2280 Unspecified vulnerability in Wpdirectorykit WP Directory KIT
The WP Directory Kit plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'ajax_public' function in versions up to, and including, 1.2.2.
network
low complexity
wpdirectorykit
5.3
5.3
2023-06-02 CVE-2023-2835 Cross-site Scripting vulnerability in Wpdirectorykit WP Directory KIT
The WP Directory Kit plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'search' parameter in versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping.
network
low complexity
wpdirectorykit CWE-79
6.1
6.1