cleantalk
Vulnerabilities and Security Researches

DirectoryPress – Business Directory And Classified Ad Listing, CVE-2025-62967

CVE, Research URL

CVE-2025-62967

Home page URL

Security reports for DirectoryPress – Business Directory And Classified Ad Listing

Application

DirectoryPress – Business Directory And Classified Ad Listing

Published on
Oct 27, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in designinvento DirectoryPress directorypress allows DOM-Based XSS.This issue affects DirectoryPress: from n/a through <= 3.6.25.
Affected versions
max 3.6.25.
Status
vulnerable
Previous vulnerability researches
SNORDIAN&#039;s H5PxAPIkatchu (CVE-2025-30821) , Apr 02, 2025
Interactive Content – H5P (CVE-2025-62951) , Nov 10, 2025
Interactive Content – H5P , Jun 06, 2024
Interactive Content – H5P (CVE-2024-3111) , Jun 28, 2024
New vulnerability
Disable Content Editor For Specific Template (CVE-2025-12072) , Nov 10, 2025
AnyComment (CVE-2025-48091) , Nov 10, 2025
AnyComment (CVE-2025-60240) , Nov 10, 2025
Memberlite Shortcodes (CVE-2025-48087) , Nov 10, 2025
Funnel Builder for WordPress by FunnelKit – Customize WooCommerce Checkout Pages, Create Sales Funnels, Order Bumps &amp; One (CVE-2025-10567) , Nov 10, 2025