Advanced Classifieds And Directory Pro

Source repositories

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2024-37501	WordPress Advanced Classifieds And Directory Pro	Hig	0.55	8.5	0.01	Jul 9, 2024	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in PluginsWare Advanced Classifieds & Directory Pro allows Path Traversal.This issue affects Advanced Classifieds & Directory Pro: from n/a through 3.1.3.
CVE-2025-68580	WordPress Advanced Classifieds And Directory Pro	Med	0.28	4.3	0.00	Dec 24, 2025	Cross-Site Request Forgery (CSRF) vulnerability in pluginsware Advanced Classifieds & Directory Pro advanced-classifieds-and-directory-pro allows Cross Site Request Forgery.This issue affects Advanced Classifieds & Directory Pro: from n/a through <= 3.2.9.
CVE-2024-2222	WordPress Advanced Classifieds And Directory Pro	Med	0.28	4.3	0.00	Apr 9, 2024	The Advanced Classifieds & Directory Pro plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the ajax_callback_delete_attachment function in all versions up to, and including, 3.0.0. This makes it possible for authenticated attackers, with subscriber access or higher, to delete arbitrary media uploads.

CVE-2024-37501HigJul 9, 2024
WordPress
Advanced Classifieds And Directory Pro
risk 0.55cvss 8.5epss 0.01
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in PluginsWare Advanced Classifieds & Directory Pro allows Path Traversal.This issue affects Advanced Classifieds & Directory Pro: from n/a through 3.1.3.
CVE-2025-68580MedDec 24, 2025
WordPress
Advanced Classifieds And Directory Pro
risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in pluginsware Advanced Classifieds & Directory Pro advanced-classifieds-and-directory-pro allows Cross Site Request Forgery.This issue affects Advanced Classifieds & Directory Pro: from n/a through <= 3.2.9.
CVE-2024-2222MedApr 9, 2024
WordPress
Advanced Classifieds And Directory Pro
risk 0.28cvss 4.3epss 0.00
The Advanced Classifieds & Directory Pro plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the ajax_callback_delete_attachment function in all versions up to, and including, 3.0.0. This makes it possible for authenticated attackers, with subscriber access or higher, to delete arbitrary media uploads.