Vulnerabilities > Wpwax > Directorist > 7.4.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-16 | CVE-2023-2252 | Path Traversal vulnerability in Wpwax Directorist The Directorist WordPress plugin before 7.5.4 is vulnerable to Local File Inclusion as it does not validate the file parameter when importing CSV files. | 2.7 |
2023-11-07 | CVE-2023-41798 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Wpwax Directorist Improper Neutralization of Formula Elements in a CSV File vulnerability in wpWax Directorist – WordPress Business Directory Plugin with Classified Ads Listing.This issue affects Directorist – WordPress Business Directory Plugin with Classified Ads Listings: from n/a through 7.7.1. | 8.8 |
2023-06-09 | CVE-2023-1888 | Improper Input Validation vulnerability in Wpwax Directorist The Directorist plugin for WordPress is vulnerable to an arbitrary user password reset in versions up to, and including, 7.5.4. | 8.8 |
2023-06-09 | CVE-2023-1889 | Unspecified vulnerability in Wpwax Directorist The Directorist plugin for WordPress is vulnerable to an Insecure Direct Object Reference in versions up to, and including, 7.5.4. | 6.5 |