Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Stylemixthemes Subscribe
Filtered by product Ulisting
Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-36879 1 Stylemixthemes 1 Ulisting 2022-10-27 7.5 HIGH 9.8 CRITICAL
Unauthenticated Privilege Escalation vulnerability in WordPress uListing plugin (versions <= 2.0.5). Possible if WordPress configuration allows user registration.
CVE-2021-36878 1 Stylemixthemes 1 Ulisting 2021-10-04 4.3 MEDIUM 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in WordPress uListing plugin (versions <= 2.0.5) makes it possible for attackers to update settings.
CVE-2021-36876 1 Stylemixthemes 1 Ulisting 2021-09-30 6.8 MEDIUM 8.8 HIGH
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in WordPress uListing plugin (versions <= 2.0.5) as it lacks CSRF checks on plugin administration pages.
CVE-2021-36877 1 Stylemixthemes 1 Ulisting 2021-09-30 4.3 MEDIUM 6.5 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in WordPress uListing plugin (versions <= 2.0.5) makes it possible for attackers to modify user roles.
CVE-2021-36874 1 Stylemixthemes 1 Ulisting 2021-09-30 6.5 MEDIUM 8.8 HIGH
Authenticated Insecure Direct Object References (IDOR) vulnerability in WordPress uListing plugin (versions <= 2.0.5).
CVE-2021-36880 1 Stylemixthemes 1 Ulisting 2021-09-30 7.5 HIGH 9.8 CRITICAL
Unauthenticated SQL Injection (SQLi) vulnerability in WordPress uListing plugin (versions <= 2.0.3), vulnerable parameter: custom.
CVE-2021-36875 1 Stylemixthemes 1 Ulisting 2021-09-30 3.5 LOW 4.8 MEDIUM
Authenticated Reflected Cross-Site Scripting (XSS) vulnerability in WordPress uListing plugin (versions <= 2.0.5). Vulnerable parameters: &filter[id], &filter[user], &filter[expired_date], &filter[created_date], &filter[updated_date].