cleantalk
Vulnerabilities and Security Researches

DirectoryPress – Business Directory And Classified Ad Listing, CVE-2026-27387

CVE, Research URL

CVE-2026-27387

Home page URL

Security reports for DirectoryPress – Business Directory And Classified Ad Listing

Application

DirectoryPress – Business Directory And Classified Ad Listing

Published on
Feb 20, 2026
Research Description
Missing Authorization vulnerability in designinvento DirectoryPress directorypress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DirectoryPress: from n/a through <= 3.6.26.
Affected versions
max 3.6.26.
Status
vulnerable
Previous vulnerability researches
DirectoryPress Frontend (CVE-2024-10581) , Feb 16, 2025
DirectoryPress &#8211; Business Directory And Classified Ad Listing (CVE-2024-49633) , Jan 09, 2025
DirectoryPress &#8211; Business Directory And Classified Ad Listing (CVE-2023-37967) , Jun 10, 2024
DirectoryPress &#8211; Business Directory And Classified Ad Listing (CVE-2024-10584) , Dec 25, 2024
DirectoryPress &#8211; Business Directory And Classified Ad Listing (CVE-2024-38755) , Jul 15, 2024
New vulnerability
OOPSpam Anti-Spam (CVE-2026-32544) , Mar 31, 2026
NotificationX &#8211; Best FOMO, Social Proof, WooCommerce Sales Popup &amp; Notification Bar Plugin With Elementor (CVE-2026-27042) , Mar 31, 2026
The Conference (CVE-2026-32335) , Mar 31, 2026
WP Booking System &#8211; Booking Calendar (CVE-2025-68515) , Mar 31, 2026
UPI QR Code Payment Gateway for WooCommerce (CVE-2025-67969) , Mar 31, 2026