Webcodingplace Ultimate_classified_listings
5 CVEs affecting Webcodingplace Ultimate_classified_listings. Latest disclosed: 2025-02-20. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-13753 | High | 8.1 | 2025-02-20 | The Ultimate Classified Listings plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5. This is due to mis… |
CVE-2024-5882 | High | 7.5 | 2024-07-29 | The Ultimate Classified Listings WordPress plugin before 1.3 does not validate the `ucl_page` and `layout` parameters allowing unauthenticated users to access… |
CVE-2024-6529 | High | 7.1 | 2024-08-01 | The Ultimate Classified Listings WordPress plugin before 1.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Refle… |
CVE-2024-5883 | Medium | 4.7 | 2024-07-29 | The Ultimate Classified Listings WordPress plugin before 1.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Refle… |
CVE-2024-13748 | Medium | 4.4 | 2025-02-20 | The Ultimate Classified Listings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Title parameter in all versions up to, and including… |