Vulnerabilities > Wpwax > Directorist > 7.12.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-28 | CVE-2025-1570 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Wpwax Directorist The Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 8.1. | 9.8 |
| 2025-02-01 | CVE-2024-12041 | Unspecified vulnerability in Wpwax Directorist The Directorist: AI-Powered WordPress Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 8.0.12 via the /wp-json/directorist/v1/users/ endpoint. | 5.3 |