| CVE-2024-13541 | aDirectory – WordPress Directory Listing Plugin <= 2.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion | adirectory | aDirectory – WP Business Directory Plugin and Classified Ads Listings Directory | Medium | 4.3 | 2025-02-12 03:21:40 | Deep Dive |
| CVE-2024-13506 | GeoDirectory – WP Business Directory Plugin and Classified Listings Directory <= 2.8.97 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Display_name Parameter | paoltaia | GeoDirectory – WP Business Directory Plugin and Classified Listings Directory | Medium | 6.4 | 2025-02-11 11:10:04 | Deep Dive |
| CVE-2025-0169 | DWT - Directory & Listing WordPress Theme <=3.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | scriptsbundle | DWT - Directory & Listing WordPress Theme | Medium | 6.4 | 2025-02-08 22:21:31 | Deep Dive |
| CVE-2024-51450 | IBM Security Verify Directory Command Execution | IBM | Security Verify Directory | Critical | 9.1 | 2025-02-06 00:15:03 | Deep Dive |
| CVE-2024-12041 | Directorist – AI-Powered WordPress Business Directory Plugin with Classified Ads Listings <= 8.0.12 - Unauthenticated User Information Exposure | wpwax | Directorist: AI-Powered Business Directory, Listings & Classified Ads | Medium | 5.3 | 2025-02-01 05:30:37 | Deep Dive |
| CVE-2024-45650 | IBM Security Verify Directory denial of service | IBM | Security Verify Directory | High | 7.5 | 2025-01-31 15:07:24 | Deep Dive |
| CVE-2025-24563 | WordPress Cleanup – Directory Listing & Classifieds plugin <= 1.0.4 - Reflected Cross Site Scripting (XSS) vulnerability | themeglow | Cleanup – Directory Listing & Classifieds WordPress Plugin | High | 7.1 | 2025-01-31 08:24:40 | Deep Dive |
| CVE-2025-0367 | Regular Expression Denial of Service (ReDoS) in Splunk Supporting Add-on for Active Directory (SA-ldapsearch) | Splunk | Splunk Supporting Add-on for Active Directory | Medium | 6.5 | 2025-01-30 17:04:50 | Deep Dive |
| CVE-2024-28766 | IBM Security Directory Integrator information disclosure | IBM | Security Directory Integrator | Low | 2.4 | 2025-01-27 01:14:42 | Deep Dive |
| CVE-2024-28770 | IBM Security Directory Integrator information disclosure | IBM | Security Directory Integrator | Medium | 4.8 | 2025-01-27 01:12:44 | Deep Dive |
| CVE-2024-28771 | IBM Security Directory Integrator information disclosure | IBM | Security Directory Integrator | Medium | 4.8 | 2025-01-27 01:12:16 | Deep Dive |
| CVE-2024-12885 | Connections Business Directory <= 10.4.66 - Authenticated (Admin+) Arbitrary Directory Deletion | shazahm1hotmailcom | Connections Business Directory | Medium | 6.5 | 2025-01-25 07:24:15 | Deep Dive |
| CVE-2025-23723 | WordPress Plestar Directory Listing plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability | hdw player | Plestar Directory Listing | High | 7.1 | 2025-01-23 15:29:41 | Deep Dive |
| CVE-2025-0308 | Ultimate Member <= 2.9.1 - Unauthenticated SQL Injection | ultimatemember | Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin | High | 7.5 | 2025-01-18 05:33:50 | Deep Dive |
| CVE-2025-0318 | Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin <= 2.9.1 - Information Exposure | ultimatemember | Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin | Medium | 5.3 | 2025-01-18 05:33:49 | Deep Dive |
| CVE-2025-23917 | WordPress Chamber Dashboard Business Directory Plugin <= 3.3.10 - Broken Access Control vulnerability | Chandrika Guntur, Morgan Kay | Chamber Dashboard Business Directory | Medium | 5.4 | 2025-01-16 20:07:58 | Deep Dive |
| CVE-2024-11452 | Chamber Dashboard Business Directory <= 3.3.8 - Authenticated (Contributor+) Stored Cross-Site Scripting | gwendydd | Chamber Dashboard Business Directory | Medium | 6.4 | 2025-01-16 03:27:22 | Deep Dive |
| CVE-2025-0170 | DWT - Directory & Listing WordPress Theme <= 3.3.3 - Reflected Cross-Site Scripting | scriptsbundle | DWT - Directory & Listing WordPress Theme | Medium | 6.1 | 2025-01-16 01:49:03 | Deep Dive |
| CVE-2024-56215 | WordPress Member Directory and Contact Form plugin <= 1.7.0 - Broken Access Control vulnerability | DBAR Productions | Member Directory and Contact Form | Medium | 4.3 | 2024-12-31 10:17:30 | Deep Dive |
| CVE-2024-10584 | DirectoryPress <= 3.6.16 - Authenticated (Author+) Stored Cross-Site Scripting | designinvento | DirectoryPress – Business Directory And Classified Ad Listing | Medium | 5.4 | 2024-12-24 11:09:50 | Deep Dive |