FearZzZz discovered and reported this Insecure Direct Object References (IDOR) vulnerability in WordPress uListing Plugin. An insecure direct object reference vulnerability could allow a malicious actor to bypass authorization, authentication, access sensitive files/folders or interact with the database. This vulnerability has been fixed in version 2.0.6.