Update the WordPress uListing plugin to the latest available version (at least 2.0.6).
Vlad Vector discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress uListing Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 2.0.6.
Authenticated Insecure Direct Object References (IDOR) vulnerability
7.1
27.07.2021
Multiple CrossSite Request Forgery (CSRF) vulnerabilities
5.4
27.07.2021
Modify User Roles via CrossSite Request Forgery (CSRF) vulnerability
6.5
27.07.2021
Settings Update via CrossSite Request Forgery (CSRF) vulnerability
4.3
27.07.2021
Unauthenticated Privilege Escalation vulnerability
9.8
27.07.2021
Successfully submit vulnerabilities and receive an invite to our Alliance platform.
Learn more
Close
uListing
LinkedIn
Facebook
Twitter
Join Discord
