cleantalk
Vulnerabilities and Security Researches

WP-BusinessDirectory – Business directory plugin for WordPress, CVE-2025-24759

CVE, Research URL

CVE-2025-24759

Home page URL

Security reports for WP-BusinessDirectory – Business directory plugin for WordPress

Application

WP-BusinessDirectory – Business directory plugin for WordPress

Published on
Jul 16, 2025
Research Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CMSJunkie - WordPress Business Directory Plugins WP-BusinessDirectory allows Blind SQL Injection. This issue affects WP-BusinessDirectory: from n/a through 3.1.3.
Affected versions
Min -, max 3.1.3.
Status
vulnerable
Previous vulnerability researches
BuddyPress & BuddyBoss Member Profile Forms (053af10176d1dc3feead6bb1c45f871d35190797) , Jun 07, 2024
New vulnerability
Contact Form 7 Widget For Elementor Page Builder & Gutenberg Blocks (CVE-2025-54015) , Jul 18, 2025
Contact Form 7 Widget For Elementor Page Builder & Gutenberg Blocks (CVE-2025-7360) , Jul 18, 2025
Contact Form 7 Widget For Elementor Page Builder & Gutenberg Blocks (CVE-2025-7341) , Jul 18, 2025
Contact Form 7 Widget For Elementor Page Builder & Gutenberg Blocks (CVE-2025-7340) , Jul 18, 2025
SMTP for SendGrid – YaySMTP (CVE-2025-48301) , Jul 18, 2025