Stylemixthemes Ulisting (Wordpress Plugin)

6 CVEs affecting Stylemixthemes Ulisting (Wordpress Plugin). Latest disclosed: 2021-09-27. Critical: 1, High: 2.

Top CVEs affecting Stylemixthemes Ulisting (Wordpress Plugin)
CVESeverityScorePublishedSummary
CVE-2021-36879Critical9.82021-09-27Unauthenticated Privilege Escalation vulnerability in WordPress uListing plugin (versions <= 2.0.5). Possible if WordPress configuration allows user registrati…
CVE-2021-36880High8.62021-09-27Unauthenticated SQL Injection (SQLi) vulnerability in WordPress uListing plugin (versions <= 2.0.3), vulnerable parameter: custom.
CVE-2021-36874High7.12021-09-27Authenticated Insecure Direct Object References (IDOR) vulnerability in WordPress uListing plugin (versions <= 2.0.5).
CVE-2021-36876Medium5.42021-09-27Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in WordPress uListing plugin (versions <= 2.0.5) as it lacks CSRF checks on plugin administration pa…
CVE-2021-36877Medium4.32021-09-27Cross-Site Request Forgery (CSRF) vulnerability in WordPress uListing plugin (versions <= 2.0.5) makes it possible for attackers to modify user roles.
CVE-2021-36878Medium4.32021-09-27Cross-Site Request Forgery (CSRF) vulnerability in WordPress uListing plugin (versions <= 2.0.5) makes it possible for attackers to update settings.