| CVE-2025-31918 | WordPress Simple Business Directory Pro plugin < 15.6.9 - Privilege Escalation vulnerability | quantumcloud | Simple Business Directory Pro | Critical | 9.8 | 2025-05-23 12:44:02 | Deep Dive |
| CVE-2025-32630 | WordPress WP-BusinessDirectory Plugin <= 3.1.2 - Reflected Cross Site Scripting (XSS) vulnerability | CMSJunkie - WordPress Business Directory Plugins | WP-BusinessDirectory | High | 7.1 | 2025-04-17 15:47:12 | Deep Dive |
| CVE-2025-32629 | WordPress WP-BusinessDirectory Plugin <= 3.1.2 - Arbitrary File Deletion vulnerability | CMSJunkie - WordPress Business Directory Plugins | WP-BusinessDirectory | High | 8.6 | 2025-04-11 08:43:01 | Deep Dive |
| CVE-2025-32162 | WordPress Chamber Dashboard Business Directory plugin <= 3.3.11 - Cross Site Scripting (XSS) vulnerability | Morgan Kay | Chamber Dashboard Business Directory | Medium | 6.5 | 2025-04-04 15:58:44 | Deep Dive |
| CVE-2025-2224 | Directorist <= 8.2 - Missing Authorization to Unauthenticated Arbitrary Post Publishing | wpwax | Directorist: AI-Powered Business Directory, Listings & Classified Ads | Medium | 5.3 | 2025-03-25 05:22:48 | Deep Dive |
| CVE-2024-13887 | Business Directory Plugin - Easy Listing Directories for WordPress <= 6.4.14 - Insecure Direct Object Reference to Listing Arbitrary Image Addition | strategy11team | Business Directory Plugin – Easy Listing Directories for WordPress | Medium | 5.3 | 2025-03-13 03:21:01 | Deep Dive |
| CVE-2025-1570 | Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings <= 8.1 - Privilege Escalation and Account Takeover via Weak OTP | wpwax | Directorist: AI-Powered Business Directory, Listings & Classified Ads | High | 8.1 | 2025-02-28 08:23:18 | Deep Dive |
| CVE-2025-1063 | Classified Listing – Classified ads & Business Directory Plugin <= 4.0.4 - Unauthenticated Settings Exposure | techlabpro1 | Classified Listing – AI-Powered Classified ads & Business Directory Plugin | Medium | 5.3 | 2025-02-25 06:58:32 | Deep Dive |
| CVE-2024-13506 | GeoDirectory – WP Business Directory Plugin and Classified Listings Directory <= 2.8.97 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Display_name Parameter | paoltaia | GeoDirectory – WP Business Directory Plugin and Classified Listings Directory | Medium | 6.4 | 2025-02-11 11:10:04 | Deep Dive |
| CVE-2024-12041 | Directorist – AI-Powered WordPress Business Directory Plugin with Classified Ads Listings <= 8.0.12 - Unauthenticated User Information Exposure | wpwax | Directorist: AI-Powered Business Directory, Listings & Classified Ads | Medium | 5.3 | 2025-02-01 05:30:37 | Deep Dive |
| CVE-2024-12885 | Connections Business Directory <= 10.4.66 - Authenticated (Admin+) Arbitrary Directory Deletion | shazahm1hotmailcom | Connections Business Directory | Medium | 6.5 | 2025-01-25 07:24:15 | Deep Dive |
| CVE-2025-23917 | WordPress Chamber Dashboard Business Directory Plugin <= 3.3.10 - Broken Access Control vulnerability | Chandrika Guntur, Morgan Kay | Chamber Dashboard Business Directory | Medium | 5.4 | 2025-01-16 20:07:58 | Deep Dive |
| CVE-2024-11452 | Chamber Dashboard Business Directory <= 3.3.8 - Authenticated (Contributor+) Stored Cross-Site Scripting | gwendydd | Chamber Dashboard Business Directory | Medium | 6.4 | 2025-01-16 03:27:22 | Deep Dive |
| CVE-2024-10584 | DirectoryPress <= 3.6.16 - Authenticated (Author+) Stored Cross-Site Scripting | designinvento | DirectoryPress – Business Directory And Classified Ad Listing | Medium | 5.4 | 2024-12-24 11:09:50 | Deep Dive |
| CVE-2024-11854 | Listdom – Business Directory and Classified Ads Listings WordPress Plugin <= 3.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode Parameter | webilia | Listdom: AI-powered Business Directory with Classifieds Ads Listings | Medium | 6.4 | 2024-12-04 11:08:26 | Deep Dive |
| CVE-2024-11202 | Multiple Plugins <= (Various Versions) - Reflected Cross-Site Scripting via cminds_free_guide Shortcode | creativemindssolutions | CM Header and Footer – Add custom scripts and styles to your header and footer with ease | Medium | 6.1 | 2024-11-26 07:31:32 | Deep Dive |
| CVE-2024-11194 | Classified Listing – Classified ads & Business Directory Plugin <= 3.1.15.1 - Authenticated (Subscriber+) Limited Arbitrary Option Update | techlabpro1 | Classified Listing – AI-Powered Classified ads & Business Directory Plugin | High | 8.8 | 2024-11-19 11:32:12 | Deep Dive |
| CVE-2024-43981 | WordPress GeoDirectory plugin <= 2.3.70 - Broken Access Control vulnerability | AyeCode – WP Business Directory Plugins | GeoDirectory | Medium | 4.3 | 2024-11-01 14:17:12 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-7888 | Classified Listing – Classified ads & Business Directory Plugin <= 3.1.7 - Missing Authorization | techlabpro1 | Classified Listing – AI-Powered Classified ads & Business Directory Plugin | Medium | 6.3 | 2024-09-13 06:47:27 | Deep Dive |