VYPR
Vendor

Salephpscripts

Products
1
CVEs
4
Across products
4
Status
Private

Products

1

Recent CVEs

4
  • CVE-2025-28904CriMar 25, 2025
    risk 0.60cvss 9.3epss 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Shamalli Web Directory Free web-directory-free allows Blind SQL Injection.This issue affects Web Directory Free: from n/a through <= 1.7.6.

  • CVE-2023-2201HigJun 2, 2023
    risk 0.50cvss 8.8epss 0.01

    The Web Directory Free for WordPress is vulnerable to SQL Injection via the ‘post_id’ parameter in versions up to, and including, 1.6.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it…

  • CVE-2025-30908HigApr 3, 2025
    risk 0.46cvss 7.1epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Shamalli Web Directory Free web-directory-free allows Stored XSS.This issue affects Web Directory Free: from n/a through <= 1.7.6.

  • CVE-2024-47379HigOct 5, 2024
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shamalli Web Directory Free web-directory-free allows Reflected XSS.This issue affects Web Directory Free: from n/a through <= 1.7.3.