cleantalk
Vulnerabilities and Security Researches

Directorist – WordPress Business Directory Plugin with Classified Ads Listings, CVE-2021-24981

CVE, Research URL

CVE-2021-24981

Home page URL

Security reports for Directorist – WordPress Business Directory Plugin with Classified Ads Listings

Application

Directorist – WordPress Business Directory Plugin with Classified Ads Listings

Published on
Dec 21, 2021
Research Description
The Directorist WordPress plugin before 7.0.6.2 was vulnerable to Cross-Site Request Forgery to Remote File Upload leading to arbitrary PHP shell uploads in the wp-content/plugins directory.
Affected versions
max 7.0.6.2.
Status
vulnerable
Previous vulnerability researches
Directorist – WordPress Business Directory Plugin with Classified Ads Listings (CVE-2025-2224) , Mar 26, 2025
Directorist – WordPress Business Directory Plugin with Classified Ads Listings (CVE-2022-2046) , Jun 07, 2024
Directorist – WordPress Business Directory Plugin with Classified Ads Listings (CVE-2022-2377) , Jun 07, 2024
Directorist – WordPress Business Directory Plugin with Classified Ads Listings (CVE-2022-3930) , Jun 07, 2024
Directorist – WordPress Business Directory Plugin with Classified Ads Listings (CVE-2023-1888) , Jun 07, 2024
New vulnerability
JB News Ticker (CVE-2025-11804) , Nov 11, 2025
My auctions allegro (CVE-2025-10048) , Nov 11, 2025
Sertifier Certificates & Open Badges – Tutor LMS (CVE-2025-53214) , Nov 11, 2025
Toast Mobile Menu – PageSpeed Insights Friendly (CVE-2025-53238) , Nov 11, 2025
Stripe Payment forms for WordPress Plugin – WP Full Pay (CVE-2025-9322) , Nov 11, 2025