| CVE-2025-3416 | Rust-openssl: rust-openssl use-after-free in `md::fetch` and `cipher::fetch` | - | - | Low | 3.7 | 2025-04-08 18:24:22 | Deep Dive |
| CVE-2025-32162 | WordPress Chamber Dashboard Business Directory plugin <= 3.3.11 - Cross Site Scripting (XSS) vulnerability | Morgan Kay | Chamber Dashboard Business Directory | Medium | 6.5 | 2025-04-04 15:58:44 | Deep Dive |
| CVE-2025-30908 | WordPress Web Directory Free plugin <= 1.7.6 - CSRF to Cross Site Scripting (XSS) vulnerability | Shamalli | Web Directory Free | High | 7.1 | 2025-04-03 13:27:09 | Deep Dive |
| CVE-2024-13673 | Big Boom Directory <= 2.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | bigboomdesign | Big Boom Directory | Medium | 6.4 | 2025-04-03 07:21:22 | Deep Dive |
| CVE-2025-28904 | WordPress Web Directory Free plugin <= 1.7.6 - SQL Injection vulnerability | Shamalli | Web Directory Free | Critical | 9.3 | 2025-03-25 18:48:25 | Deep Dive |
| CVE-2025-2224 | Directorist <= 8.2 - Missing Authorization to Unauthenticated Arbitrary Post Publishing | wpwax | Directorist: AI-Powered Business Directory, Listings & Classified Ads | Medium | 5.3 | 2025-03-25 05:22:48 | Deep Dive |
| CVE-2024-12920 | FoodBakery | Delivery Restaurant Directory WordPress Theme <= 4.7 - Missing Authorization in Multiple Functions | Chimpstudio | FoodBakery | Delivery Restaurant Directory WordPress Theme | High | 8.8 | 2025-03-19 11:10:38 | Deep Dive |
| CVE-2024-13933 | FoodBakery | Delivery Restaurant Directory WordPress Theme <= 4.7 - Cross-Site Request Forgery in Multiple Functions | Chimpstudio | FoodBakery | Delivery Restaurant Directory WordPress Theme | High | 8.8 | 2025-03-19 11:10:37 | Deep Dive |
| CVE-2025-2487 | 389-ds-base: null pointer dereference leads to denial of service | - | - | Medium | 4.9 | 2025-03-18 16:25:44 | Deep Dive |
| CVE-2025-1653 | Directory Listings WordPress plugin – uListing <= 2.2.0 - Authenticated (Subscriber+) Privilege Escalation | stylemix | Directory Listings WordPress plugin – uListing | High | 8.8 | 2025-03-15 02:22:42 | Deep Dive |
| CVE-2025-1657 | Directory Listings WordPress plugin – uListing <= 2.2.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Meta Update and PHP Object Injection | stylemix | Directory Listings WordPress plugin – uListing | High | 8.8 | 2025-03-15 02:22:42 | Deep Dive |
| CVE-2024-13887 | Business Directory Plugin - Easy Listing Directories for WordPress <= 6.4.14 - Insecure Direct Object Reference to Listing Arbitrary Image Addition | strategy11team | Business Directory Plugin – Easy Listing Directories for WordPress | Medium | 5.3 | 2025-03-13 03:21:01 | Deep Dive |
| CVE-2025-1702 | Ultimate Member <= 2.10.0 - Unauthenticated SQL Injection via search Parameter | ultimatemember | Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin | High | 7.5 | 2025-03-05 11:22:09 | Deep Dive |
| CVE-2024-13839 | Company Directory <= 4.3 - Reflected Cross-Site Scripting via add_query_arg Function | richardgabriel | Staff Directory Plugin: Company Directory | Medium | 6.1 | 2025-03-05 09:21:48 | Deep Dive |
| CVE-2025-25165 | WordPress Staff Directory Plugin: Company Directory Plugin <= 4.3 - Cross Site Scripting (XSS) vulnerability | richardgabriel | Staff Directory Plugin: Company Directory | High | 7.1 | 2025-03-03 13:30:27 | Deep Dive |
| CVE-2025-1570 | Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings <= 8.1 - Privilege Escalation and Account Takeover via Weak OTP | wpwax | Directorist: AI-Powered Business Directory, Listings & Classified Ads | High | 8.1 | 2025-02-28 08:23:18 | Deep Dive |
| CVE-2025-1063 | Classified Listing – Classified ads & Business Directory Plugin <= 4.0.4 - Unauthenticated Settings Exposure | techlabpro1 | Classified Listing – AI-Powered Classified ads & Business Directory Plugin | Medium | 5.3 | 2025-02-25 06:58:32 | Deep Dive |
| CVE-2024-45674 | IBM Security Verify Bridge information disclosure | IBM | Security Verify Bridge Directory Sync | Low | 3.3 | 2025-02-21 23:29:17 | Deep Dive |
| CVE-2024-45673 | IBM Security Verify Bridge information disclosure | IBM | Security Verify Bridge Directory Sync | Medium | 5.5 | 2025-02-21 16:45:51 | Deep Dive |
| CVE-2024-12276 | Ultimate Member <= 2.9.2 - Authenticated SQL Injection | ultimatemember | Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin | Medium | 5.3 | 2025-02-21 09:21:06 | Deep Dive |