Every CVE whose affected-product data names Cridio Listingpro, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-2020-36719 — CVSS 9.8 (critical): The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Arbitrary Plugin Installation, Activation and…
CVE-2024-38795 — CVSS 9.3 (critical): Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CridioStudio ListingPro…
CVE-2024-39622 — CVSS 9.3 (critical): Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CridioStudio ListingPro listingpro…
CVE-2024-39619 — CVSS 9.0 (critical): Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in CridioStudio ListingPro listingpro-plugin…
CVE-2024-39624 — CVSS 8.5 (high): Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in CridioStudio ListingPro listingpro allows…
CVE-2024-39620 — CVSS 8.5 (high): Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CridioStudio ListingPro…
CVE-2024-39621 — CVSS 8.0 (high): Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in CridioStudio ListingPro listingpro-plugin…
CVE-2019-19540 — CVSS 6.1 (medium): The ListingPro theme before v2.0.14.2 for WordPress has Reflected XSS via the What field on the homepage.
CVE-2019-19542 — CVSS 5.4 (medium): The ListingPro theme before v2.0.14.2 for WordPress has Persistent XSS via the Good For field on the new listing submit page.
CVE-2019-19541 — CVSS 5.4 (medium): The ListingPro theme before v2.0.14.2 for WordPress has Persistent XSS via the Best Day/Night field on the new listing submit page.
CVE-2020-36723 — CVSS 5.3 (medium): The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Sensitive Data Exposure in versions before 2.6.1 via…