VYPR

Classified Listing Pro

by WordPress

CVEs (2)

  • CVE-2022-2655MedSep 16, 2022
    risk 0.40cvss 6.1epss 0.01

    The Classified Listing Pro WordPress plugin before 2.0.20 does not escape a generated URL before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting

  • CVE-2022-2654MedSep 16, 2022
    risk 0.40cvss 6.1epss 0.00

    The Classima WordPress theme before 2.1.11 and some of its required plugins (Classified Listing before 2.2.14, Classified Listing Pro before 2.0.20, Classified Listing Store & Membership before 1.4.20 and Classima Core before 1.10) do not escape a parameter before outputting it…