Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

wpdirectorykit — Vulnerabilities & Security Advisories 18

Browse all 18 CVE security advisories affecting wpdirectorykit. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products wpdirectorykit:WP Directory KitSweet Energy Efficiency
CVE IDTitleCVSSSeverityPaused
CVE-2025-13920 WP Directory Kit <= 1.4.9 - Unauthenticated Email Exposure via wdk_public_action — WP Directory KitCWE-200 5.3 Medium2026-01-24
CVE-2025-14618 Sweet Energy Efficiency <= 1.0.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Graph Deletion — Sweet Energy EfficiencyCWE-862 4.3 Medium2025-12-18
CVE-2025-13089 WP Directory Kit <= 1.4.7 - Unauthenticated SQL Injection — WP Directory KitCWE-89 7.5 High2025-12-13
CVE-2025-13090 WP Directory Kit <= 1.4.6 - Authenticated (Admin+) SQL Injection — WP Directory KitCWE-89 4.9 Medium2025-12-02
CVE-2025-13525 WP Directory Kit <= 1.4.5 - Reflected Cross-Site Scripting via 'order_by' Parameter — WP Directory KitCWE-79 6.1 Medium2025-11-27
CVE-2025-13138 WP Directory Kit <= 1.4.3 - Unauthenticated SQL Injection via select_2_ajax() Function — WP Directory KitCWE-89 7.5 High2025-11-21
CVE-2025-60120 WordPress WP Directory Kit plugin <= 1.4.0 - Broken Access Control vulnerability — WP Directory KitCWE-862 5.3 Medium2025-09-26
CVE-2025-58262 WordPress Sweet Energy Efficiency plugin <= 1.0.8 - Cross Site Request Forgery (CSRF) vulnerability — Sweet Energy EfficiencyCWE-352 7.1 High2025-09-22
CVE-2023-41875 WordPress WP Directory Kit plugin <= 1.2.6 - Broken Access Control vulnerability — WP Directory KitCWE-862 5.3 Medium2024-12-13
CVE-2024-37253 WordPress WPDirectoryKit plugin <= 1.3.6 - HTML Injection vulnerability — WP Directory KitCWE-74 2.7 Low2024-07-09
CVE-2024-3217 WP Directory Kit <= 1.3.0 - Authenticated (Subscriber+) SQL Injection — WP Directory KitCWE-89 8.8 High2024-04-05
CVE-2024-29774 WordPress WP Directory Kit plugin <= 1.2.9 - Reflected Cross Site Scripting (XSS) vulnerability — WP Directory KitCWE-79 7.1 High2024-03-27
CVE-2023-2279 WP Directory Kit <= 1.2.1 - Cross-Site Request Forgery to Plugin Settings Change/Delete, Demo Import, Directory Kit Modification/Deletion via admin_page_display — WP Directory KitCWE-352 5.4 Medium2023-08-31
CVE-2023-2277 WP Directory Kit <= 1.1.9 - Cross-Site Request Forgery to Stored Cross-Site Scripting via wdk_resultitem — WP Directory KitCWE-352 6.1 Medium2023-06-13
CVE-2023-2278 WP Directory Kit <= 1.1.9 - Unauthenticated Local File Inclusion via wdk_public_action — WP Directory KitCWE-22 9.8 Critical2023-06-13
CVE-2023-2351 WP Directory Kit <= 1.2.3 - Missing Authorization to Plugin Settings Change/Delete, Demo Import, Directory Kit Deletion via wdk_admin_action — WP Directory KitCWE-862 6.5 Medium2023-06-13
CVE-2023-2280 WP Directory Kit <= 1.2.2 - Missing Authorization to Plugin Installation, Settings Change/Delete, Demo Import, Directory Kit Deletion via wdk_public_action — WP Directory KitCWE-862 6.5 Medium2023-06-09
CVE-2023-2835 WP Directory Kit <= 1.2.3 - Reflected Cross-Site Scripting via 'search' — WP Directory KitCWE-79 6.1 Medium2023-06-02

This page lists every published CVE security advisory associated with wpdirectorykit. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.