cleantalk
Vulnerabilities and Security Researches

Business Directory Plugin – Easy Listing Directories for WordPress, CVE-2021-24248

CVE, Research URL

CVE-2021-24248

Home page URL

Security reports for Business Directory Plugin – Easy Listing Directories for WordPress

Application

Business Directory Plugin – Easy Listing Directories for WordPress

Published on
May 06, 2021
Research Description
The Business Directory Plugin – Easy Listing Directories for WordPress WordPress plugin before 5.11.1 did not properly check for imported files, forbidding certain extension via a blacklist approach, allowing administrator to import an archive with a .php4 inside for example, leading to RCE
Affected versions
max 5.11.1.
Status
vulnerable
Previous vulnerability researches
Business Directory Plugin – Easy Listing Directories for WordPress (CVE-2021-24179) , Jun 07, 2024
Business Directory Plugin – Easy Listing Directories for WordPress (CVE-2023-5803) , Jun 07, 2024
Business Directory Plugin – Easy Listing Directories for WordPress (CVE-2021-24248) , Jun 07, 2024
Business Directory Plugin – Easy Listing Directories for WordPress (CVE-2021-24249) , Jun 07, 2024
Business Directory Plugin – Easy Listing Directories for WordPress (CVE-2021-24250) , Jun 07, 2024
New vulnerability
Email Tracker – Email Tracking Plugin to track Emails for Open and Email Links Click (Compatible with WooCommerce) (CVE-2025-10047) , Nov 11, 2025
Advanced Ads – Ad Manager & AdSense (CVE-2025-10487) , Nov 11, 2025
Social proof testimonials and reviews by Repuso (CVE-2025-62071) , Nov 11, 2025
Error Log Viewer by BestWebSoft (CVE-2025-9950) , Nov 11, 2025
Fidelo Snippet (CVE-2025-53351) , Nov 11, 2025