CVE-2026-27396
- EPSS 0.22%
- Veröffentlicht 05.03.2026 06:16:28
- Zuletzt bearbeitet 22.04.2026 21:26:58
Missing Authorization vulnerability in e-plugins Directory Pro directory-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Directory Pro: from n/a through <= 2.5.6.
CVE-2025-64243
- EPSS 0.19%
- Veröffentlicht 16.12.2025 08:12:48
- Zuletzt bearbeitet 27.04.2026 16:16:36
Missing Authorization vulnerability in e-plugins Directory Pro directory-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Directory Pro: from n/a through <= 2.5.6.
CVE-2025-52748
- EPSS 0.23%
- Veröffentlicht 22.10.2025 14:32:24
- Zuletzt bearbeitet 15.04.2026 00:35:42
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e-plugins Directory Pro directory-pro allows Reflected XSS.This issue affects Directory Pro: from n/a through <= 2.5.5.
CVE-2025-57948
- EPSS 0.25%
- Veröffentlicht 22.09.2025 18:24:53
- Zuletzt bearbeitet 23.04.2026 15:33:06
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e-plugins Directory Pro directory-pro allows DOM-Based XSS.This issue affects Directory Pro: from n/a through <= 2.5.5.
CVE-2020-36666
- EPSS 0.91%
- Veröffentlicht 27.03.2023 16:15:07
- Zuletzt bearbeitet 19.02.2025 20:15:32
The directory-pro WordPress plugin before 1.9.5, final-user-wp-frontend-user-profiles WordPress plugin before 1.2.2, producer-retailer WordPress plugin through TODO, photographer-directory WordPress plugin before 1.0.9, real-estate-pro WordPress plug...