VYPR

DirectoryPress Frontend

by DirectoryPress

CVEs (1)

  • CVE-2024-10581Feb 15, 2025
    risk 0.00cvss epss 0.00

    The DirectoryPress Frontend plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.9. This is due to missing or incorrect nonce validation on the dpfl_listingStatusChange() function. This makes it possible for unauthenticated…