Listdom
by WordPress
Source repositories
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-49063 | Hig | 0.47 | 7.3 | 0.00 | Jun 15, 2026 | Unauthenticated Privilege Escalation in Listdom <= 5.5.0 versions. | ||
| CVE-2025-67560 | Med | 0.35 | 5.4 | 0.00 | Dec 9, 2025 | Missing Authorization vulnerability in Webilia Inc. Listdom listdom allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Listdom: from n/a through <= 5.0.1. | ||
| CVE-2024-11854 | Med | 0.35 | 6.4 | 0.00 | Dec 4, 2024 | The Listdom – Business Directory and Classified Ads Listings WordPress Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘shortcode’ parameter in all versions up to, and including, 3.7.0 due to insufficient input sanitization and output… | ||
| CVE-2025-39599 | Med | 0.31 | 4.7 | 0.00 | Apr 16, 2025 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Webilia Inc. Listdom listdom allows Phishing.This issue affects Listdom: from n/a through <= 4.0.0. | ||
| CVE-2026-54819 | 0.00 | — | 0.00 | Jun 17, 2026 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Webilia Inc. Listdom allows Blind SQL Injection. This issue affects Listdom: from n/a through 5.4.0. |
- risk 0.47cvss 7.3epss 0.00
Unauthenticated Privilege Escalation in Listdom <= 5.5.0 versions.
- risk 0.35cvss 5.4epss 0.00
Missing Authorization vulnerability in Webilia Inc. Listdom listdom allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Listdom: from n/a through <= 5.0.1.
- risk 0.35cvss 6.4epss 0.00
The Listdom – Business Directory and Classified Ads Listings WordPress Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘shortcode’ parameter in all versions up to, and including, 3.7.0 due to insufficient input sanitization and output…
- risk 0.31cvss 4.7epss 0.00
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Webilia Inc. Listdom listdom allows Phishing.This issue affects Listdom: from n/a through <= 4.0.0.
- CVE-2026-54819Jun 17, 2026risk 0.00cvss —epss 0.00
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Webilia Inc. Listdom allows Blind SQL Injection. This issue affects Listdom: from n/a through 5.4.0.