Connections-pro Connections Business Directory — known CVE vulnerabilities
Every CVE whose affected-product data names Connections-pro Connections Business Directory, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2020-36503 — CVSS 8.0 (high): The Connections Business Directory WordPress plugin before 9.7 does not validate or sanitise some connections' fields, which could lead to…
CVE-2023-29437 — CVSS 6.5 (medium): Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Steven A. Zahm Connections Business Directory plugin <= 10.4.36…
CVE-2021-24794 — CVSS 4.8 (medium): The Connections Business Directory WordPress plugin before 10.4.3 does not escape the Address settings when creating an Entry, which could…