Vulnerabilities > Wpwax > Directorist > 7.6.2

DATE CVE VULNERABILITY TITLE RISK
2025-02-28 CVE-2025-1570 Weak Password Recovery Mechanism for Forgotten Password vulnerability in Wpwax Directorist
The Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 8.1.
network
low complexity
wpwax CWE-640
critical
 9.8
9.8
2025-02-01 CVE-2024-12041 Unspecified vulnerability in Wpwax Directorist
The Directorist: AI-Powered WordPress Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 8.0.12 via the /wp-json/directorist/v1/users/ endpoint.
network
low complexity
wpwax
5.3
5.3
2023-11-07 CVE-2023-41798 Unspecified vulnerability in Wpwax Directorist
Improper Neutralization of Formula Elements in a CSV File vulnerability in wpWax Directorist – WordPress Business Directory Plugin with Classified Ads Listing.This issue affects Directorist – WordPress Business Directory Plugin with Classified Ads Listings: from n/a through 7.7.1.
network
low complexity
wpwax
8.8
8.8