| CVE-2026-3489 | DirectoryPress – Business Directory And Classified Ad Listing <= 3.6.26 - Unauthenticated SQL Injection via 'packages' | designinvento | DirectoryPress – Business Directory And Classified Ad Listing | High | 7.5 | 2026-04-16 11:21:21 | Deep Dive |
| CVE-2019-25533 | Netartmedia PHP Business Directory 4.2 SQL Injection via loginaction.php | Phpbusinessdirectory | Netartmedia PHP Business Directory | High | 8.2 | 2026-03-12 15:37:04 | Deep Dive |
| CVE-2026-25004 | WordPress CM Business Directory plugin <= 1.5.3 - Cross Site Scripting (XSS) vulnerability | CreativeMindsSolutions | CM Business Directory | Medium | 5.9 | 2026-02-19 08:26:52 | Deep Dive |
| CVE-2026-1656 | Business Directory Plugin <= 6.4.20 - Missing Authorization to Unauthenticated Arbitrary Listing Modification | strategy11team | Business Directory Plugin – Easy Listing Directories for WordPress | Medium | 5.3 | 2026-02-18 08:26:05 | Deep Dive |
| CVE-2026-2576 | Business Directory Plugin <= 6.4.21 - Unauthenticated SQL Injection via payment Parameter | strategy11team | Business Directory Plugin – Easy Listing Directories for WordPress | High | 7.5 | 2026-02-18 04:35:46 | Deep Dive |
| CVE-2025-68887 | WordPress WP-BusinessDirectory plugin <= 4.0.1 - Cross Site Scripting (XSS) vulnerability | CMSJunkie - WordPress Business Directory Plugins | WP-BusinessDirectory | 中危 | - | 2026-01-08 09:17:54 | Deep Dive |
| CVE-2025-64630 | WordPress Business Directory plugin <= 6.4.19 - Broken Access Control vulnerability | Strategy11 Team | Business Directory | Medium | 4.9 | 2025-12-16 08:12:50 | Deep Dive |
| CVE-2025-67596 | WordPress Business Directory plugin <= 6.4.19 - Cross Site Request Forgery (CSRF) vulnerability | Strategy11 Team | Business Directory | Medium | 4.3 | 2025-12-09 14:14:19 | Deep Dive |
| CVE-2025-13414 | Chamber Dashboard Business Directory <= 3.3.11 - Missing Authorization to Unauthenticated Business Information Export | gwendydd | Chamber Dashboard Business Directory | Medium | 5.3 | 2025-11-25 07:28:19 | Deep Dive |
| CVE-2025-12174 | Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings <= 8.5.2 - Missing Authorization to Authenticated (Subscriber+) Data Export and Slug Update | wpwax | Directorist: AI-Powered Business Directory, Listings & Classified Ads | Medium | 6.5 | 2025-11-19 05:45:14 | Deep Dive |
| CVE-2025-7711 | Classified Listing – Classified ads & Business Directory Plugin <= 5.0.3 - Authenticated (Subscriber+) Arbitrary Shortcode Execution via Listing Description | techlabpro1 | Classified Listing – AI-Powered Classified ads & Business Directory Plugin | Medium | 5.4 | 2025-11-17 22:27:45 | Deep Dive |
| CVE-2025-12833 | GeoDirectory – WP Business Directory Plugin and Classified Listings Directory <= 2.8.139 - Missing Authorization to Authenticated (Author+) Arbitrary Image Attachment | paoltaia | GeoDirectory – WP Business Directory Plugin and Classified Listings Directory | Medium | 4.3 | 2025-11-12 04:29:09 | Deep Dive |
| CVE-2025-12953 | Classified Listing – AI-Powered Classified ads & Business Directory Plugin <= 5.2.0 - Missing Authorization to Authenticated (Subscriber+) Listing Types Tampering | techlabpro1 | Classified Listing – AI-Powered Classified ads & Business Directory Plugin | Medium | 4.3 | 2025-11-11 11:03:46 | Deep Dive |
| CVE-2025-64219 | WordPress Business Directory plugin <= 6.4.18 - Broken Access Control vulnerability | Strategy11 Team | Business Directory | - | - | 2025-10-29 08:38:10 | Deep Dive |
| CVE-2025-10488 | Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings <= 8.4.8 - Authenticated (Subscriber+) Arbitrary File Move | wpwax | Directorist: AI-Powered Business Directory, Listings & Classified Ads | High | 8.1 | 2025-10-25 06:49:21 | Deep Dive |
| CVE-2025-10178 | CM Business Directory <= 1.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting | creativemindssolutions | CM Business Directory – Optimise and showcase local business | Medium | 6.4 | 2025-09-26 01:47:27 | Deep Dive |
| CVE-2025-48162 | WordPress Simple Business Directory Pro <= 15.5.1 - Cross Site Scripting (XSS) Vulnerability | quantumcloud | Simple Business Directory Pro | High | 7.1 | 2025-08-20 08:03:29 | Deep Dive |
| CVE-2025-53580 | WordPress Simple Business Directory Pro Plugin < 15.6.9 - Privilege Escalation Vulnerability | quantumcloud | Simple Business Directory Pro | Critical | 9.8 | 2025-08-20 08:03:10 | Deep Dive |
| CVE-2024-13507 | GeoDirectory – WP Business Directory Plugin and Classified Listings Directory <= 2.8.97 - Unauthenticated SQL Injection | paoltaia | GeoDirectory – WP Business Directory Plugin and Classified Listings Directory | High | 7.5 | 2025-07-26 03:38:18 | Deep Dive |
| CVE-2025-24759 | WordPress WP-BusinessDirectory <= 3.1.5 - SQL Injection vulnerability | CMSJunkie - WordPress Business Directory Plugins | WP-BusinessDirectory | Critical | 9.3 | 2025-07-16 11:28:14 | Deep Dive |