Webcodingplace Ultimate Classified Listings — known CVE vulnerabilities
Every CVE whose affected-product data names Webcodingplace Ultimate Classified Listings, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2024-13753 — CVSS 8.1 (high): The Ultimate Classified Listings plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including…
CVE-2024-5882 — CVSS 7.5 (high): The Ultimate Classified Listings WordPress plugin before 1.3 does not validate the `ucl_page` and `layout` parameters allowing…
CVE-2024-6529 — CVSS 7.1 (high): The Ultimate Classified Listings WordPress plugin before 1.4 does not sanitise and escape a parameter before outputting it back in the…
CVE-2024-5883 — CVSS 4.7 (medium): The Ultimate Classified Listings WordPress plugin before 1.3 does not sanitise and escape a parameter before outputting it back in the…
CVE-2024-13748 — CVSS 4.4 (medium): The Ultimate Classified Listings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Title parameter in all versions…