Update the WordPress uListing plugin to the latest available version (at least 2.0.6)
Vlad Vector discovered and reported this Insecure Direct Object References (IDOR) vulnerability in WordPress uListing Plugin. An insecure direct object reference vulnerability could allow a malicious actor to bypass authorization, authentication, access sensitive files/folders or interact with the database. This vulnerability has been fixed in version 2.0.6.
Authenticated Reflected CrossSite Scripting (XSS) vulnerability
4.8
27.07.2021
Multiple CrossSite Request Forgery (CSRF) vulnerabilities
5.4
27.07.2021
Modify User Roles via CrossSite Request Forgery (CSRF) vulnerability
6.5
27.07.2021
Settings Update via CrossSite Request Forgery (CSRF) vulnerability
4.3
27.07.2021
Unauthenticated Privilege Escalation vulnerability
9.8
27.07.2021
Successfully submit vulnerabilities and receive an invite to our Alliance platform.
Learn more
Close
uListing
LinkedIn
Facebook
Twitter
Join Discord
