Unknown Directorist vulnerabilities
3 known vulnerabilities affecting unknown/directorist.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM2LOW1
Vulnerabilities
Page 1 of 1
CVE-2023-2252LOWCVSS 2.7PoCfixed in 7.5.42024-01-16
CVE-2023-2252 [LOW] CWE-22 CVE-2023-2252: The Directorist WordPress plugin before 7.5.4 is vulnerable to Local File Inclusion as it does not v
The Directorist WordPress plugin before 7.5.4 is vulnerable to Local File Inclusion as it does not validate the file parameter when importing CSV files.
cvelistv5nvd
CVE-2022-3961MEDIUMCVSS 6.5fixed in 7.4.42022-12-19
CVE-2022-3961 [MEDIUM] CWE-862 CVE-2022-3961: The Directorist WordPress plugin before 7.4.4 does not prevent users with low privileges (like subsc
The Directorist WordPress plugin before 7.4.4 does not prevent users with low privileges (like subscribers) from accessing sensitive system information.
cvelistv5nvd
CVE-2022-3930MEDIUMCVSS 6.5fixed in 7.4.2.22022-12-12
CVE-2022-3930 [MEDIUM] CWE-639 CVE-2022-3930: The Directorist WordPress plugin before 7.4.2.2 suffers from an IDOR vulnerability which an attacker
The Directorist WordPress plugin before 7.4.2.2 suffers from an IDOR vulnerability which an attacker can exploit to change the password of arbitrary users instead of his own.
cvelistv5nvd